Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-06 | CVE-2018-5457 | Uncontrolled Search Path Element vulnerability in Vyaire Carefusion Upgrade Utility 2.0.2.2 A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. | 7.0 |
| 2018-01-18 | CVE-2017-5170 | Uncontrolled Search Path Element vulnerability in Moxa Softnvr-Ia Live View An Uncontrolled Search Path Element issue was discovered in Moxa SoftNVR-IA Live Viewer, Version 3.30.3122 and prior versions. | 7.2 |
| 2017-11-16 | CVE-2017-16777 | Uncontrolled Search Path Element vulnerability in Hashicorp Vagrant 5.0.3 If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root. | 7.8 |
| 2017-11-16 | CVE-2017-12314 | Uncontrolled Search Path Element vulnerability in Cisco Findit Network Discovery Utility 2.1 A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity, aka Insecure Library Loading. | 7.8 |
| 2017-11-13 | CVE-2017-14020 | Uncontrolled Search Path Element vulnerability in Automationdirect products In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) Versions 2.10 and prior; C-More Programming Software (Part Number EA9-PGMSW) Versions 6.30 and prior; C-More Micro (Part Number EA-PGMSW) Versions 4.20.01.0 and prior; Do-more Designer Software (Part Number DM-PGMSW) Versions 2.0.3 and prior; GS Drives Configuration Software (Part Number GSOFT) Versions 4.0.6 and prior; SL-SOFT SOLO Temperature Controller Configuration Software (Part Number SL-SOFT) Versions 1.1.0.5 and prior; and DirectSOFT Programming Software Versions 6.1 and prior, an uncontrolled search path element (DLL Hijacking) vulnerability has been identified. | 7.8 |
| 2017-11-06 | CVE-2017-14029 | Uncontrolled Search Path Element vulnerability in Trihedral Vtscada An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. | 7.8 |
| 2017-10-19 | CVE-2017-14017 | Uncontrolled Search Path Element vulnerability in Progea Movicon 11.4/11.4.1150/11.5.1181 An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. | 7.8 |
| 2017-10-19 | CVE-2017-12579 | Uncontrolled Search Path Element vulnerability in Hashicorp Vagrant VMWare Fusion An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 4.0.24 and earlier allows a non-root user to obtain a root shell. | 7.8 |
| 2017-10-05 | CVE-2017-12266 | Uncontrolled Search Path Element vulnerability in Cisco Meeting APP A vulnerability in the routine that loads DLL files in Cisco Meeting App for Windows could allow an authenticated, local attacker to run an executable file with privileges equivalent to those of Cisco Meeting App. | 4.2 |
| 2017-10-05 | CVE-2017-13993 | Uncontrolled Search Path Element vulnerability in I-Sens Smartlog Diabetes Management Software 2.4.0 An Uncontrolled Search Path or Element issue was discovered in i-SENS SmartLog Diabetes Management Software, Version 2.4.0 and prior versions. | 7.8 |