Vulnerabilities > Uncontrolled Search Path Element
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-22 | CVE-2018-5235 | Uncontrolled Search Path Element vulnerability in Symantec Norton Utilities Norton Utilities (prior to 16.0.3.44) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. | 4.4 |
2018-07-25 | CVE-2018-8090 | Uncontrolled Search Path Element vulnerability in Quickheal Antivirus Pro, Internet Security and Total Security Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading. | 6.8 |
2018-07-20 | CVE-2018-12805 | Uncontrolled Search Path Element vulnerability in Adobe Connect Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. | 7.5 |
2018-07-11 | CVE-2018-11049 | Uncontrolled Search Path Element vulnerability in multiple products RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. | 6.9 |
2018-07-09 | CVE-2018-1000622 | Uncontrolled Search Path Element vulnerability in Rust-Lang Rust The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. | 7.8 |
2018-06-11 | CVE-2017-7836 | Uncontrolled Search Path Element vulnerability in Mozilla Firefox The "pingsender" executable used by the Firefox Health Report dynamically loads a system copy of libcurl, which an attacker could replace. | 4.6 |
2018-05-19 | CVE-2018-4938 | Uncontrolled Search Path Element vulnerability in Adobe Coldfusion 11.0/2016 Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. | 4.6 |
2018-05-10 | CVE-2018-3649 | Uncontrolled Search Path Element vulnerability in Intel products DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution. | 4.6 |
2018-05-09 | CVE-2017-5175 | Uncontrolled Search Path Element vulnerability in Advantech Webaccess Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code. | 6.8 |
2018-04-26 | CVE-2017-14010 | Uncontrolled Search Path Element vulnerability in Spidercontrol Scada Microbrowser 1.6.30.144 In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. | 6.8 |