Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-03 | CVE-2019-20419 | Uncontrolled Search Path Element vulnerability in Atlassian Jira Data Center and Jira Server Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute arbitrary code via a DLL hijacking vulnerability in Tomcat. | 7.8 |
| 2020-06-22 | CVE-2020-13279 | Uncontrolled Search Path Element vulnerability in Gitlab Gitlab-Vscode-Extension Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system | 8.6 |
| 2020-06-19 | CVE-2019-20856 | Uncontrolled Search Path Element vulnerability in Mattermost Desktop 3.4.0/4.0.0/4.2.2 An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. | 9.8 |
| 2020-06-10 | CVE-2020-7585 | Uncontrolled Search Path Element vulnerability in Siemens products A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). | 7.8 |
| 2020-06-10 | CVE-2019-3613 | Uncontrolled Search Path Element vulnerability in Mcafee Agent DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder. | 7.3 |
| 2020-06-09 | CVE-2020-9858 | Uncontrolled Search Path Element vulnerability in Apple Windows Migration Assistant A dynamic library loading issue was addressed with improved path searching. | 7.8 |
| 2020-05-28 | CVE-2020-5357 | Uncontrolled Search Path Element vulnerability in Dell products Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. | 6.0 |
| 2020-05-16 | CVE-2020-13110 | Uncontrolled Search Path Element vulnerability in Kerberos Project Kerberos The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search. | 7.8 |
| 2020-05-14 | CVE-2020-10616 | Uncontrolled Search Path Element vulnerability in Opto22 Softpac Project 9.6 Opto 22 SoftPAC Project Version 9.6 and prior. | 8.8 |
| 2020-05-14 | CVE-2020-10626 | Uncontrolled Search Path Element vulnerability in multiple products In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code. | 7.8 |