Vulnerabilities > Uncontrolled Search Path Element
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-27 | CVE-2018-6766 | Uncontrolled Search Path Element vulnerability in Swisscom Tvmediahelper 1.1.0.50 Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. | 7.2 |
2018-03-27 | CVE-2018-6765 | Uncontrolled Search Path Element vulnerability in Swisscom Myswisscomassistant 2.17.1.1065 Swisscom MySwisscomAssistant 2.17.1.1065 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. | 7.2 |
2018-02-06 | CVE-2018-5457 | Uncontrolled Search Path Element vulnerability in Vyaire Carefusion Upgrade Utility 2.0.2.2 A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. | 6.9 |
2018-01-18 | CVE-2017-5170 | Uncontrolled Search Path Element vulnerability in Moxa Softnvr-Ia Live View An Uncontrolled Search Path Element issue was discovered in Moxa SoftNVR-IA Live Viewer, Version 3.30.3122 and prior versions. | 6.5 |
2017-11-16 | CVE-2017-16777 | Uncontrolled Search Path Element vulnerability in Hashicorp Vagrant 5.0.3 If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root. | 7.2 |
2017-11-16 | CVE-2017-12314 | Uncontrolled Search Path Element vulnerability in Cisco Findit Network Discovery Utility 2.1 A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity, aka Insecure Library Loading. | 4.6 |
2017-11-13 | CVE-2017-14020 | Uncontrolled Search Path Element vulnerability in Automationdirect products In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) Versions 2.10 and prior; C-More Programming Software (Part Number EA9-PGMSW) Versions 6.30 and prior; C-More Micro (Part Number EA-PGMSW) Versions 4.20.01.0 and prior; Do-more Designer Software (Part Number DM-PGMSW) Versions 2.0.3 and prior; GS Drives Configuration Software (Part Number GSOFT) Versions 4.0.6 and prior; SL-SOFT SOLO Temperature Controller Configuration Software (Part Number SL-SOFT) Versions 1.1.0.5 and prior; and DirectSOFT Programming Software Versions 6.1 and prior, an uncontrolled search path element (DLL Hijacking) vulnerability has been identified. | 9.3 |
2017-11-06 | CVE-2017-14029 | Uncontrolled Search Path Element vulnerability in Trihedral Vtscada An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. | 9.3 |
2017-10-19 | CVE-2017-14017 | Uncontrolled Search Path Element vulnerability in Progea Movicon 11.4/11.4.1150/11.5.1181 An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. | 4.6 |
2017-10-19 | CVE-2017-12579 | Uncontrolled Search Path Element vulnerability in Hashicorp Vagrant VMWare Fusion An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 4.0.24 and earlier allows a non-root user to obtain a root shell. | 7.2 |