Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-07 | CVE-2017-12653 | Uncontrolled Search Path Element vulnerability in 360Totalsecurity 360 Total Security 3.5.0.1033 360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\Python27 directory. | 6.8 |
| 2017-08-02 | CVE-2017-2288 | Uncontrolled Search Path Element vulnerability in Lhaforge Project Lhaforge Untrusted search path vulnerability in LhaForge Ver.1.6.5 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2017-08-02 | CVE-2017-2287 | Uncontrolled Search Path Element vulnerability in Sony NFC Port Software Remover Untrusted search path vulnerability in NFC Port Software remover Ver.1.3.0.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2017-08-02 | CVE-2017-2286 | Uncontrolled Search Path Element vulnerability in Sony products Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2017-07-17 | CVE-2017-1000010 | Uncontrolled Search Path Element vulnerability in Audacityteam Audacity Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution. | 6.8 |
| 2017-06-20 | CVE-2017-3097 | Uncontrolled Search Path Element vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. | 10.0 |
| 2017-06-20 | CVE-2017-3092 | Uncontrolled Search Path Element vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. | 10.0 |
| 2017-06-20 | CVE-2017-3090 | Uncontrolled Search Path Element vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. | 10.0 |
| 2017-06-19 | CVE-2017-4987 | Uncontrolled Search Path Element vulnerability in EMC Vnx1 Firmware and Vnx2 Firmware In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potentially allow the attacker to execute arbitrary code on the targeted VNX Control Station system, aka an uncontrolled search path vulnerability. | 4.4 |
| 2017-06-16 | CVE-2017-7884 | Uncontrolled Search Path Element vulnerability in Apcupsd APC UPS Daemon In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable that will run with SYSTEM privileges at startup. | 7.2 |