Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-18 | CVE-2021-22665 | Uncontrolled Search Path Element vulnerability in Rockwellautomation Drivetools Add-On Profiles and Drivetools SP Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system. | 7.8 |
| 2021-03-12 | CVE-2021-21518 | Uncontrolled Search Path Element vulnerability in Dell products Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin. | 7.8 |
| 2021-03-12 | CVE-2021-20674 | Uncontrolled Search Path Element vulnerability in Ntt-Tx Magicconnect Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user invoking the installer when a terminal is connected remotely using Remote desktop. | 7.8 |
| 2021-02-26 | CVE-2020-28646 | Uncontrolled Search Path Element vulnerability in Owncloud Desktop Client ownCloud owncloud/client before 2.7 allows DLL Injection. | 7.8 |
| 2021-02-17 | CVE-2021-1366 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. | 7.8 |
| 2021-02-17 | CVE-2020-24485 | Uncontrolled Search Path Element vulnerability in Intel Trace Analyzer and Collector Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2021-02-17 | CVE-2020-24451 | Uncontrolled Search Path Element vulnerability in Intel Optane DC Persistent Memory Module Management Uncontrolled search path in the Intel(R) Optane(TM) DC Persistent Memory installer for Windows* before version 1.00.00.3506 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.3 |
| 2021-02-09 | CVE-2020-25238 | Uncontrolled Search Path Element vulnerability in Siemens products A vulnerability has been identified in PCS neo (Administration Console) (All versions < V3.1), TIA Portal (V15, V15.1 and V16). | 7.8 |
| 2021-01-29 | CVE-2020-35145 | Uncontrolled Search Path Element vulnerability in Acronis True Image Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a DLL hijacking vulnerability in multiple components, aka an Untrusted Search Path issue. | 7.8 |
| 2021-01-27 | CVE-2021-25247 | Uncontrolled Search Path Element vulnerability in Trendmicro Housecall for Home Networks 5.3.0.1063 A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution. | 7.8 |