Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2023-12-12 CVE-2023-41117 Uncontrolled Search Path Element vulnerability in Enterprisedb Postgres Advanced Server
An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0.
network
low complexity
enterprisedb CWE-427
critical
9.8
2023-12-07 CVE-2023-48861 Uncontrolled Search Path Element vulnerability in Baidu Ttplayer 7.0.2
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll.
local
low complexity
baidu CWE-427
7.8
2023-12-04 CVE-2023-41613 Uncontrolled Search Path Element vulnerability in Ezviz Studio 2.2.0
EzViz Studio v2.2.0 is vulnerable to DLL hijacking.
local
low complexity
ezviz CWE-427
7.8
2023-12-01 CVE-2023-45252 Uncontrolled Search Path Element vulnerability in Huddly Huddlycameraservice
DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges.
local
low complexity
huddly CWE-427
7.8
2023-11-30 CVE-2023-47452 Uncontrolled Search Path Element vulnerability in Notepad-Plus-Plus Notepad++ 6.5
An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory.
local
low complexity
notepad-plus-plus CWE-427
7.8
2023-11-30 CVE-2023-47453 Uncontrolled Search Path Element vulnerability in Sohu Video Player 7.0.15.0
An Untrusted search path vulnerability in Sohu Video Player 7.0.15.0 allows local users to gain escalated privileges through the version.dll file in the current working directory.
local
low complexity
sohu CWE-427
7.8
2023-11-30 CVE-2023-47454 Uncontrolled Search Path Element vulnerability in Netease Cloudmusic 2.10.4
An Untrusted search path vulnerability in NetEase CloudMusic 2.10.4 for Windows allows local users to gain escalated privileges through the urlmon.dll file in the current working directory.
local
low complexity
netease CWE-427
7.8
2023-11-23 CVE-2023-41787 Uncontrolled Search Path Element vulnerability in Artica Pandora FMS
Uncontrolled Search Path Element vulnerability in Pandora FMS on all allows Leveraging/Manipulating Configuration File Search Paths.
network
low complexity
artica CWE-427
7.5
2023-11-23 CVE-2023-41790 Uncontrolled Search Path Element vulnerability in Artica Pandora FMS
Uncontrolled Search Path Element vulnerability in Pandora FMS on all allows Leveraging/Manipulating Configuration File Search Paths.
network
low complexity
artica CWE-427
critical
9.8
2023-11-22 CVE-2023-29069 Uncontrolled Search Path Element vulnerability in Autodesk Desktop Connector
A maliciously crafted DLL file can be forced to install onto a non-default location, and attacker can overwrite parts of the product with malicious DLLs.
local
low complexity
autodesk CWE-427
7.8