Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-08 | CVE-2023-4632 | Uncontrolled Search Path Element vulnerability in Lenovo System Update An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated privileges. | 7.8 |
| 2023-11-07 | CVE-2023-0898 | Uncontrolled Search Path Element vulnerability in GE Micom S1 Agile General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application. | 7.3 |
| 2023-11-02 | CVE-2023-31016 | Uncontrolled Search Path Element vulnerability in Nvidia Virtual GPU NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | 7.8 |
| 2023-10-27 | CVE-2023-44220 | Uncontrolled Search Path Element vulnerability in Sonicwall Netextender SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. | 7.3 |
| 2023-10-11 | CVE-2023-4936 | Uncontrolled Search Path Element vulnerability in Synaptics Displaylink USB Graphics It is possible to sideload a compromised DLL during the installation at elevated privilege. | 7.8 |
| 2023-10-09 | CVE-2023-5463 | Uncontrolled Search Path Element vulnerability in Xinje Xdppro 3.7.17A A vulnerability was found in XINJE XDPPro up to 3.7.17a. | 7.8 |
| 2023-10-09 | CVE-2023-45248 | Uncontrolled Search Path Element vulnerability in Acronis Agent Local privilege escalation due to DLL hijacking vulnerability. | 7.3 |
| 2023-10-06 | CVE-2023-35897 | Uncontrolled Search Path Element vulnerability in IBM Storage Protect and Storage Protect Client IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. | 7.8 |
| 2023-09-30 | CVE-2022-4956 | Uncontrolled Search Path Element vulnerability in Caphyon Advanced Installer 19.7 A vulnerability classified as critical has been found in Caphyon Advanced Installer 19.7. | 7.8 |
| 2023-09-18 | CVE-2023-41929 | Uncontrolled Search Path Element vulnerability in Samsung Memory Card & UFD Authentication A DLL hijacking vulnerability in Samsung Memory Card & UFD Authentication Utility PC Software before 1.0.1 could allow a local attacker to escalate privileges. | 7.3 |