Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-12 | CVE-2017-3012 | Uncontrolled Search Path Element vulnerability in Adobe products Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin. | 9.3 |
| 2017-04-07 | CVE-2017-6033 | Uncontrolled Search Path Element vulnerability in Schneider-Electric Interactive Graphical Scada System 10.0/9.0 A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. | 6.8 |
| 2017-03-23 | CVE-2017-6517 | Uncontrolled Search Path Element vulnerability in Microsoft Skype 7.16.0.102 Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. | 10.0 |
| 2017-03-21 | CVE-2017-6417 | Uncontrolled Search Path Element vulnerability in Avira products Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avira process via a "DoubleAgent" attack. | 7.2 |
| 2017-03-21 | CVE-2017-5567 | Uncontrolled Search Path Element vulnerability in Avast products Code injection vulnerability in Avast Premier 12.3 (and earlier), Internet Security 12.3 (and earlier), Pro Antivirus 12.3 (and earlier), and Free Antivirus 12.3 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avast process via a "DoubleAgent" attack. | 7.2 |
| 2017-03-21 | CVE-2017-5566 | Uncontrolled Search Path Element vulnerability in AVG Anti-Virus, Internet Security and Ultimate Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG Internet Security 17.1 (and earlier), and AVG AntiVirus FREE 17.1 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any AVG process via a "DoubleAgent" attack. | 7.2 |
| 2017-03-21 | CVE-2017-5565 | Uncontrolled Search Path Element vulnerability in Trendmicro products Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a "DoubleAgent" attack. | 7.2 |
| 2017-02-13 | CVE-2017-5161 | Uncontrolled Search Path Element vulnerability in Sielcosistemi Winlog Lite and Winlog PRO An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. | 9.3 |
| 2016-09-19 | CVE-2016-4526 | Uncontrolled Search Path Element vulnerability in Trane Tracer SC ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory. | 6.9 |
| 2005-05-02 | CVE-2005-0457 | Uncontrolled Search Path Element vulnerability in Opera Browser Opera 7.54 and earlier on Gentoo Linux uses an insecure path for plugins, which could allow local users to gain privileges by inserting malicious libraries into the PORTAGE_TMPDIR (portage) temporary directory. | 7.2 |