Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-15 | CVE-2019-12758 | Uncontrolled Search Path Element vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature. | 6.7 |
| 2019-11-14 | CVE-2019-7962 | Uncontrolled Search Path Element vulnerability in Adobe Illustrator CC Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (dll hijacking) vulnerability. | 7.8 |
| 2019-11-14 | CVE-2019-7960 | Uncontrolled Search Path Element vulnerability in Adobe Animate CC Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. | 7.8 |
| 2019-11-12 | CVE-2019-5695 | Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience and GPU Driver NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | 6.5 |
| 2019-11-09 | CVE-2019-5701 | Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution. | 7.8 |
| 2019-11-09 | CVE-2019-5694 | Uncontrolled Search Path Element vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | 6.5 |
| 2019-10-24 | CVE-2019-6692 | Uncontrolled Search Path Element vulnerability in Fortinet Forticlient A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL. | 7.8 |
| 2019-10-23 | CVE-2019-17093 | Uncontrolled Search Path Element vulnerability in multiple products An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. | 7.8 |
| 2019-10-21 | CVE-2019-9491 | Uncontrolled Search Path Element vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218 Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | 7.8 |
| 2019-10-16 | CVE-2019-17665 | Uncontrolled Search Path Element vulnerability in NSA Ghidra 9.0/9.0.1/9.0.2 NSA Ghidra before 9.0.2 is vulnerable to DLL hijacking because it loads jansi.dll from the current working directory. | 7.8 |