Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-09 | CVE-2016-5311 | Uncontrolled Search Path Element vulnerability in Symantec products A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges. | 7.8 |
| 2019-12-24 | CVE-2019-19954 | Uncontrolled Search Path Element vulnerability in Signal Signal-Desktop Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file. | 7.3 |
| 2019-12-23 | CVE-2019-5539 | Uncontrolled Search Path Element vulnerability in VMWare Horizon View Agent and Workstation VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. | 7.8 |
| 2019-12-18 | CVE-2019-19689 | Uncontrolled Search Path Element vulnerability in Trendmicro Housecall for Home Networks Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses. | 7.8 |
| 2019-12-18 | CVE-2019-19235 | Uncontrolled Search Path Element vulnerability in Asus ATK Package AsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows 10 notebook PCs) could lead to unsigned code execution with no additional execution. | 7.0 |
| 2019-12-17 | CVE-2019-18670 | Uncontrolled Search Path Element vulnerability in Acer Quick Access In the Quick Access Service (QAAdminAgent.exe) in Acer Quick Access V2.01.3000 through 2.01.3027 and V3.00.3000 through V3.00.3008, a REGULAR user can load an arbitrary unsigned DLL into the signed service's process, which is running as NT AUTHORITY\SYSTEM. | 7.8 |
| 2019-12-11 | CVE-2019-3667 | Uncontrolled Search Path Element vulnerability in Mcafee Techcheck 3.0.0.17 DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier allows local users to execute arbitrary code via the local folder placed there by an attacker. | 7.8 |
| 2019-12-06 | CVE-2019-18575 | Uncontrolled Search Path Element vulnerability in Dell Command|Configure Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. | 7.1 |
| 2019-12-04 | CVE-2019-19364 | Uncontrolled Search Path Element vulnerability in Sony Catalyst Browse and Catalyst Production Suite A weak malicious user can escalate its privilege whenever CatalystProductionSuite.2019.1.exe (version 1.1.0.21) and CatalystBrowseSuite.2019.1.exe (version 1.1.0.21) installers run. | 7.8 |
| 2019-12-04 | CVE-2019-15638 | Uncontrolled Search Path Element vulnerability in Copadata Zenon 8.10 COPA-DATA zenone32 zenon Editor through 8.10 has an Uncontrolled Search Path Element. | 7.8 |