Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-30 | CVE-2019-14242 | Uncontrolled Search Path Element vulnerability in Bitdefender products An issue was discovered in Bitdefender products for Windows (Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and Bitdefender Antivirus Plus, Bitdefender Internet Security, and Bitdefender Total Security versions prior to 23.0.24.120) that can lead to local code injection. | 6.7 |
| 2019-07-18 | CVE-2019-7956 | Uncontrolled Search Path Element vulnerability in Adobe Dreamweaver Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an Insecure Library Loading (DLL hijacking) vulnerability. | 7.8 |
| 2019-07-15 | CVE-2019-6825 | Uncontrolled Search Path Element vulnerability in Schneider-Electric Proclima 6.0.1/6.1 A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow a malicious DLL file, with the same name of any resident DLLs inside the software installation, to execute arbitrary code in all versions of ProClima prior to version 8.0.0. | 7.8 |
| 2019-07-13 | CVE-2019-5629 | Uncontrolled Search Path Element vulnerability in Rapid7 Insight Agent Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. | 7.8 |
| 2019-07-11 | CVE-2019-12575 | Uncontrolled Search Path Element vulnerability in Londontrustmedia Private Internet Access VPN Client 82 A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. | 7.8 |
| 2019-07-04 | CVE-2019-1855 | Uncontrolled Search Path Element vulnerability in Cisco Jabber A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. | 7.3 |
| 2019-07-02 | CVE-2019-5443 | Uncontrolled Search Path Element vulnerability in multiple products A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. | 7.8 |
| 2019-06-25 | CVE-2019-12280 | Uncontrolled Search Path Element vulnerability in multiple products PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element. | 7.8 |
| 2019-06-21 | CVE-2019-12572 | Uncontrolled Search Path Element vulnerability in Londontrustmedia Private Internet Access 1.0.2 A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client 1.0.2 (build 02363) for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. | 7.8 |
| 2019-06-13 | CVE-2019-5245 | Uncontrolled Search Path Element vulnerability in Huawei Hisuite HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. | 5.3 |