Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-04 | CVE-2019-1855 | Uncontrolled Search Path Element vulnerability in Cisco Jabber A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. | 7.3 |
| 2019-07-02 | CVE-2019-5443 | Uncontrolled Search Path Element vulnerability in multiple products A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. | 7.8 |
| 2019-06-25 | CVE-2019-12280 | Uncontrolled Search Path Element vulnerability in multiple products PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element. | 7.8 |
| 2019-06-21 | CVE-2019-12572 | Uncontrolled Search Path Element vulnerability in Londontrustmedia Private Internet Access 1.0.2 A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client 1.0.2 (build 02363) for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. | 7.8 |
| 2019-06-13 | CVE-2019-5245 | Uncontrolled Search Path Element vulnerability in Huawei Hisuite HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. | 5.3 |
| 2019-06-03 | CVE-2019-12177 | Uncontrolled Search Path Element vulnerability in HTC Viveport Privilege escalation due to insecure directory permissions affecting ViveportDesktopService in HTC VIVEPORT before 1.0.0.36 allows local attackers to escalate privileges via DLL hijacking. | 7.8 |
| 2019-05-24 | CVE-2019-7093 | Uncontrolled Search Path Element vulnerability in Adobe Creative Cloud Creative Cloud Desktop Application (installer) versions 4.7.0.400 and earlier have an insecure library loading (dll hijacking) vulnerability. | 7.8 |
| 2019-05-22 | CVE-2018-7840 | Uncontrolled Search Path Element vulnerability in Pelco Videoxpert Opscenter A Uncontrolled Search Path Element (CWE-427) vulnerability exists in VideoXpert OpsCenter versions prior to 3.1 which could allow an attacker to cause the system to call an incorrect DLL. | 7.8 |
| 2019-05-17 | CVE-2019-11644 | Uncontrolled Search Path Element vulnerability in F-Secure products In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus before 17.6, F-Secure Client Security Standard and Premium before 14.10, F-Secure PSB Workstation Security before 12.01, and F-Secure Computer Protection Standard and Premium before 19.3, a local user can escalate their privileges through a DLL hijacking attack against the installer. | 7.8 |
| 2019-05-15 | CVE-2019-5526 | Uncontrolled Search Path Element vulnerability in VMWare Workstation VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. | 7.8 |