Vulnerabilities > Uncontrolled Search Path Element
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-18 | CVE-2019-7956 | Uncontrolled Search Path Element vulnerability in Adobe Dreamweaver Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an Insecure Library Loading (DLL hijacking) vulnerability. | 7.8 |
2019-07-15 | CVE-2019-6825 | Uncontrolled Search Path Element vulnerability in Schneider-Electric Proclima 6.0.1/6.1 A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow a malicious DLL file, with the same name of any resident DLLs inside the software installation, to execute arbitrary code in all versions of ProClima prior to version 8.0.0. | 7.8 |
2019-07-13 | CVE-2019-5629 | Uncontrolled Search Path Element vulnerability in Rapid7 Insight Agent Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. | 7.8 |
2019-07-11 | CVE-2019-12575 | Uncontrolled Search Path Element vulnerability in Londontrustmedia Private Internet Access VPN Client 82 A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. | 7.8 |
2019-07-04 | CVE-2019-1855 | Uncontrolled Search Path Element vulnerability in Cisco Jabber A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. | 7.3 |
2019-07-02 | CVE-2019-5443 | Uncontrolled Search Path Element vulnerability in multiple products A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. | 7.8 |
2019-06-25 | CVE-2019-12280 | Uncontrolled Search Path Element vulnerability in multiple products PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element. | 7.8 |
2019-06-21 | CVE-2019-12572 | Uncontrolled Search Path Element vulnerability in Londontrustmedia Private Internet Access 1.0.2 A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client 1.0.2 (build 02363) for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. | 7.8 |
2019-06-13 | CVE-2019-5245 | Uncontrolled Search Path Element vulnerability in Huawei Hisuite HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. | 5.3 |
2019-06-03 | CVE-2019-12177 | Uncontrolled Search Path Element vulnerability in HTC Viveport Privilege escalation due to insecure directory permissions affecting ViveportDesktopService in HTC VIVEPORT before 1.0.0.36 allows local attackers to escalate privileges via DLL hijacking. | 7.8 |