Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-19 | CVE-2019-20856 | Uncontrolled Search Path Element vulnerability in Mattermost Desktop 3.4.0/4.0.0/4.2.2 An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. | 7.5 |
| 2020-06-11 | CVE-2020-11613 | Uncontrolled Search Path Element vulnerability in Mids' Reborn Hero Designer Project Mids' Reborn Hero Designer 2.6.0.7 Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. | 4.4 |
| 2020-06-10 | CVE-2020-7585 | Uncontrolled Search Path Element vulnerability in Siemens products A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). | 4.6 |
| 2020-06-10 | CVE-2019-3613 | Uncontrolled Search Path Element vulnerability in Mcafee Agent DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder. | 7.3 |
| 2020-06-09 | CVE-2020-9858 | Uncontrolled Search Path Element vulnerability in Apple Windows Migration Assistant A dynamic library loading issue was addressed with improved path searching. | 4.4 |
| 2020-05-28 | CVE-2020-5357 | Uncontrolled Search Path Element vulnerability in Dell products Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. | 2.6 |
| 2020-05-21 | CVE-2020-12431 | Uncontrolled Search Path Element vulnerability in Splashtop Software Updater and Streamer A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. | 6.3 |
| 2020-05-16 | CVE-2020-13110 | Uncontrolled Search Path Element vulnerability in Kerberos Project Kerberos The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search. | 7.8 |
| 2020-05-14 | CVE-2020-10616 | Uncontrolled Search Path Element vulnerability in Opto22 Softpac Project 9.6 Opto 22 SoftPAC Project Version 9.6 and prior. | 6.8 |
| 2020-05-14 | CVE-2020-10626 | Uncontrolled Search Path Element vulnerability in multiple products In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code. | 6.9 |