Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2019-10-23 CVE-2019-17093 Uncontrolled Search Path Element vulnerability in multiple products
An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8.
local
low complexity
avg avast CWE-427
7.8
2019-10-21 CVE-2019-9491 Uncontrolled Search Path Element vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218
Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed.
local
low complexity
trendmicro CWE-427
7.8
2019-10-16 CVE-2019-17665 Uncontrolled Search Path Element vulnerability in NSA Ghidra 9.0/9.0.1/9.0.2
NSA Ghidra before 9.0.2 is vulnerable to DLL hijacking because it loads jansi.dll from the current working directory.
local
low complexity
nsa CWE-427
7.8
2019-10-11 CVE-2019-6333 Uncontrolled Search Path Element vulnerability in HP Touchpoint Analytics
A potential security vulnerability has been identified with certain versions of HP Touchpoint Analytics prior to version 4.1.4.2827.
local
low complexity
hp CWE-427
6.7
2019-10-02 CVE-2019-16407 Uncontrolled Search Path Element vulnerability in Jetbrains Resharper
JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.
local
low complexity
jetbrains CWE-427
7.3
2019-09-24 CVE-2019-3726 Uncontrolled Search Path Element vulnerability in Dell Update Package Framework 19.1.0.413/3.8.3.67/4.9.4.36
An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package (DUP) Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers.
local
high complexity
dell CWE-427
6.7
2019-09-12 CVE-2019-8076 Uncontrolled Search Path Element vulnerability in Adobe Application Manager 10.0
Adobe application manager installer version 10.0 have an Insecure Library Loading (DLL hijacking) vulnerability.
local
low complexity
adobe CWE-427
7.8
2019-09-12 CVE-2019-11773 Uncontrolled Search Path Element vulnerability in Eclipse OMR
Prior to 0.1, AIX builds of Eclipse OMR contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
local
low complexity
eclipse CWE-427
7.8
2019-08-26 CVE-2019-4447 Uncontrolled Search Path Element vulnerability in IBM DB2 High Performance Unload Load 6.1/6.1.0.1/6.1.0.2
IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum_debug is a setuid root binary which trusts the PATH environment variable.
local
low complexity
ibm CWE-427
7.8
2019-08-23 CVE-2019-7364 Uncontrolled Search Path Element vulnerability in Autodesk products
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID.
local
low complexity
autodesk CWE-427
7.8