Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2017-08-02 CVE-2017-2288 Uncontrolled Search Path Element vulnerability in Lhaforge Project Lhaforge
Untrusted search path vulnerability in LhaForge Ver.1.6.5 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
lhaforge-project CWE-427
7.8
2017-08-02 CVE-2017-2287 Uncontrolled Search Path Element vulnerability in Sony NFC Port Software Remover 1.3.0.1
Untrusted search path vulnerability in NFC Port Software remover Ver.1.3.0.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
sony CWE-427
7.8
2017-08-02 CVE-2017-2286 Uncontrolled Search Path Element vulnerability in Sony products
Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
sony CWE-427
7.8
2017-07-17 CVE-2017-1000010 Uncontrolled Search Path Element vulnerability in Audacityteam Audacity
Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution.
local
low complexity
audacityteam CWE-427
7.8
2017-06-20 CVE-2017-3097 Uncontrolled Search Path Element vulnerability in Adobe Digital Editions
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability.
network
low complexity
adobe CWE-427
critical
9.8
2017-06-20 CVE-2017-3092 Uncontrolled Search Path Element vulnerability in Adobe Digital Editions
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability.
network
low complexity
adobe CWE-427
critical
9.8
2017-06-20 CVE-2017-3090 Uncontrolled Search Path Element vulnerability in Adobe Digital Editions
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability.
network
low complexity
adobe CWE-427
critical
9.8
2017-06-19 CVE-2017-4987 Uncontrolled Search Path Element vulnerability in EMC Vnx1 Firmware and Vnx2 Firmware
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potentially allow the attacker to execute arbitrary code on the targeted VNX Control Station system, aka an uncontrolled search path vulnerability.
local
low complexity
emc CWE-427
7.3
2017-06-16 CVE-2017-7884 Uncontrolled Search Path Element vulnerability in Apcupsd APC UPS Daemon 3.14.14
In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable that will run with SYSTEM privileges at startup.
local
low complexity
apcupsd CWE-427
8.4
2017-06-09 CVE-2017-2210 Uncontrolled Search Path Element vulnerability in GSI Patchjgd 1.0.1
Untrusted search path vulnerability in PatchJGD (PatchJGD101.EXE) ver.
local
low complexity
gsi CWE-427
7.8