Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-22 | CVE-2021-28955 | Uncontrolled Search Path Element vulnerability in Git-Bug Project Git-Bug git-bug before 0.7.2 has an Uncontrolled Search Path Element. | 9.8 |
| 2021-03-21 | CVE-2021-28954 | Uncontrolled Search Path Element vulnerability in BIT Project BIT In Chris Walz bit before 1.0.5 on Windows, attackers can run arbitrary code via a .exe file in a crafted repository. | 7.8 |
| 2021-03-21 | CVE-2021-28953 | Uncontrolled Search Path Element vulnerability in C/C++ Advanced Lint Project C/C++ Advanced Lint The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted repository. | 7.8 |
| 2021-03-18 | CVE-2020-9367 | Uncontrolled Search Path Element vulnerability in Zohocorp Manageengine Desktop Central 10.0.486 The MPS Agent in Zoho ManageEngine Desktop Central MSP build MSP build 10.0.486 is vulnerable to DLL Hijacking: dcinventory.exe and dcconfig.exe try to load CSUNSAPI.dll without supplying the complete path. | 7.8 |
| 2021-03-12 | CVE-2021-21518 | Uncontrolled Search Path Element vulnerability in Dell products Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin. | 7.8 |
| 2021-03-12 | CVE-2021-20674 | Uncontrolled Search Path Element vulnerability in Ntt-Tx Magicconnect Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user invoking the installer when a terminal is connected remotely using Remote desktop. | 7.8 |
| 2021-02-26 | CVE-2020-28646 | Uncontrolled Search Path Element vulnerability in Owncloud Desktop Client ownCloud owncloud/client before 2.7 allows DLL Injection. | 7.8 |
| 2021-02-17 | CVE-2021-1366 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. | 7.8 |
| 2021-02-17 | CVE-2020-24485 | Uncontrolled Search Path Element vulnerability in Intel Trace Analyzer and Collector Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2021-02-17 | CVE-2020-24451 | Uncontrolled Search Path Element vulnerability in Intel Optane DC Persistent Memory Module Management Uncontrolled search path in the Intel(R) Optane(TM) DC Persistent Memory installer for Windows* before version 1.00.00.3506 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.3 |