Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-12 | CVE-2020-6244 | Uncontrolled Search Path Element vulnerability in SAP Business Client 7.0 SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. | 7.8 |
| 2020-04-29 | CVE-2019-20781 | Uncontrolled Search Path Element vulnerability in LG Bridge An issue was discovered in LG Bridge before April 2019 on Windows. | 7.8 |
| 2020-04-22 | CVE-2020-5740 | Uncontrolled Search Path Element vulnerability in Plex Media Server Improper Input Validation in Plex Media Server on Windows allows a local, unauthenticated attacker to execute arbitrary Python code with SYSTEM privileges. | 7.8 |
| 2020-04-17 | CVE-2019-20780 | Uncontrolled Search Path Element vulnerability in Google Android An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. | 9.8 |
| 2020-04-17 | CVE-2019-20769 | Uncontrolled Search Path Element vulnerability in LG PC Suite 5.3.27 An issue was discovered in LG PC Suite for LG G3 and earlier (aka LG PC Suite v5.3.27 and earlier). | 7.8 |
| 2020-04-02 | CVE-2020-10515 | Uncontrolled Search Path Element vulnerability in Starface Unified Communication & Collaboration Client STARFACE UCC Client before 6.7.1.204 on WIndows allows binary planting to execute code with System rights, aka usd-2020-0006. | 9.8 |
| 2020-04-01 | CVE-2020-8146 | Uncontrolled Search Path Element vulnerability in UI Unifi Video In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. | 7.8 |
| 2020-03-25 | CVE-2020-3803 | Uncontrolled Search Path Element vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading (dll hijacking) vulnerability. | 7.8 |
| 2020-03-25 | CVE-2020-10649 | Uncontrolled Search Path Element vulnerability in Asus Device Activation DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name. | 7.8 |
| 2020-03-23 | CVE-2020-7474 | Uncontrolled Search Path Element vulnerability in Schneider-Electric Pmepxm0100 Prosoft Configurator 1.002 A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProSoft Configurator (v1.002 and prior), for the PMEPXM0100 (H) module, which could cause the execution of untrusted code when using double click to open a project file which may trigger execution of a malicious DLL. | 7.8 |