Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2019-12-03 CVE-2019-7365 Uncontrolled Search Path Element vulnerability in Autodesk Desktop 7.0.16.29
DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier.
local
low complexity
autodesk CWE-427
7.8
2019-11-26 CVE-2019-16001 Uncontrolled Search Path Element vulnerability in Cisco Webex Meetings and Webex Teams
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack.
local
low complexity
cisco CWE-427
5.3
2019-11-18 CVE-2019-18215 Uncontrolled Search Path Element vulnerability in Comodo Internet Security
An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0.
local
low complexity
comodo CWE-427
7.8
2019-11-15 CVE-2019-12758 Uncontrolled Search Path Element vulnerability in Symantec Endpoint Protection
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature.
local
low complexity
symantec CWE-427
6.7
2019-11-14 CVE-2019-7962 Uncontrolled Search Path Element vulnerability in Adobe Illustrator CC
Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (dll hijacking) vulnerability.
local
low complexity
adobe CWE-427
7.8
2019-11-14 CVE-2019-7960 Uncontrolled Search Path Element vulnerability in Adobe Animate CC
Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability.
local
low complexity
adobe CWE-427
7.8
2019-11-12 CVE-2019-5695 Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience and GPU Driver
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution.
local
low complexity
nvidia CWE-427
6.5
2019-11-09 CVE-2019-5701 Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience
NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution.
local
low complexity
nvidia CWE-427
7.8
2019-11-09 CVE-2019-5694 Uncontrolled Search Path Element vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution.
local
low complexity
nvidia CWE-427
6.5
2019-10-24 CVE-2019-6692 Uncontrolled Search Path Element vulnerability in Fortinet Forticlient
A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL.
local
low complexity
fortinet CWE-427
7.8