Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-08 | CVE-2019-9634 | Uncontrolled Search Path Element vulnerability in Golang GO Go through 1.12 on Windows misuses certain LoadLibrary functionality, leading to DLL injection. | 7.8 |
| 2019-03-01 | CVE-2019-9546 | Uncontrolled Search Path Element vulnerability in Solarwinds Orion Platform SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service. | 9.8 |
| 2019-02-25 | CVE-2019-9116 | Uncontrolled Search Path Element vulnerability in Sublimetext Sublime Text 3 3.1.1 DLL hijacking is possible in Sublime Text 3 version 3.1.1 build 3176 on 32-bit Windows platforms because a Trojan horse api-ms-win-core-fibers-l1-1-1.dll or api-ms-win-core-localization-l1-2-1.dll file may be loaded if a victim uses sublime_text.exe to open a .txt file within an attacker's %LOCALAPPDATA%\Temp\sublime_text folder. | 7.8 |
| 2019-02-09 | CVE-2019-7653 | Uncontrolled Search Path Element vulnerability in multiple products The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. | 9.8 |
| 2019-01-09 | CVE-2018-16177 | Uncontrolled Search Path Element vulnerability in Ntt-West Fall Creators Update Untrusted search path vulnerability in The installer of Windows 10 Fall Creators Update Modify module for Security Measures tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2019-01-02 | CVE-2018-20211 | Uncontrolled Search Path Element vulnerability in Exiftool Project Exiftool 8.32 ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka DLL Hijacking. | 7.8 |
| 2018-11-13 | CVE-2018-15452 | Uncontrolled Search Path Element vulnerability in Cisco Advanced Malware Protection for Endpoints A vulnerability in the DLL loading component of Cisco Advanced Malware Protection (AMP) for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of unauthorized intrusions. | 6.7 |
| 2018-11-02 | CVE-2018-7799 | Uncontrolled Search Path Element vulnerability in Schneider-Electric Software Update Utility A DLL hijacking vulnerability exists in Schneider Electric Software Update (SESU), all versions prior to V2.2.0, which could allow an attacker to execute arbitrary code on the targeted system when placing a specific DLL file. | 7.8 |
| 2018-10-24 | CVE-2018-14812 | Uncontrolled Search Path Element vulnerability in Fujielectric Energy Savings Estimator 1.0.2.0 An uncontrolled search path element (DLL Hijacking) vulnerability has been identified in Fuji Electric Energy Savings Estimator versions V.1.0.2.0 and prior. | 7.8 |
| 2018-10-17 | CVE-2018-15976 | Uncontrolled Search Path Element vulnerability in Adobe Technical Communications Suite 1.0.5.1 Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. | 7.8 |