Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-03 | CVE-2020-24159 | Uncontrolled Search Path Element vulnerability in 163 Netease Youdao Dictionary 8.9.2.0 NetEase Youdao Dictionary has a DLL hijacking vulnerability, which can be exploited by attackers to gain server permissions. | 7.8 |
| 2020-09-03 | CVE-2020-24158 | Uncontrolled Search Path Element vulnerability in 360 Speed Browser 12.0.1247.0 360 Speed Browser 12.0.1247.0 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code. | 7.8 |
| 2020-09-02 | CVE-2020-25045 | Uncontrolled Search Path Element vulnerability in Kaspersky Security Center and Security Center web Console Installers of Kaspersky Security Center and Kaspersky Security Center Web Console prior to 12 & prior to 12 Patch A were vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges in the system. | 7.8 |
| 2020-09-02 | CVE-2020-15167 | Uncontrolled Search Path Element vulnerability in Johnkerl Miller 5.9.0 In Miller (command line utility) using the configuration file support introduced in version 5.9.0, it is possible for an attacker to cause Miller to run arbitrary code by placing a malicious `.mlrrc` file in the working directory. | 8.6 |
| 2020-08-31 | CVE-2020-5419 | Uncontrolled Search Path Element vulnerability in multiple products RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. | 6.7 |
| 2020-08-24 | CVE-2020-14349 | Uncontrolled Search Path Element vulnerability in multiple products It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. | 7.1 |
| 2020-08-19 | CVE-2020-9724 | Uncontrolled Search Path Element vulnerability in Adobe Lightroom 9.2.0.10 Adobe Lightroom versions 9.2.0.10 and earlier have an insecure library loading vulnerability. | 7.8 |
| 2020-08-17 | CVE-2020-3433 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. | 7.8 |
| 2020-08-14 | CVE-2020-9767 | Uncontrolled Search Path Element vulnerability in Zoom Sharing Service 5.0.4 A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would allow an attacker who had local access to a machine on which the service was running with elevated privileges to elevate their system privileges as well through use of a malicious DLL. | 7.8 |
| 2020-08-13 | CVE-2020-7360 | Uncontrolled Search Path Element vulnerability in Philips Smartcontrol 4.3.15 An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. | 7.3 |