Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-10 | CVE-2023-29444 | Uncontrolled Search Path Element vulnerability in PTC products An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. | 7.3 |
| 2024-01-05 | CVE-2023-41782 | Uncontrolled Search Path Element vulnerability in ZTE Zxcloud Irai There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL file in a specific directory and successfully exploit this vulnerability to execute malicious code. | 4.8 |
| 2024-01-03 | CVE-2023-41780 | Uncontrolled Search Path Element vulnerability in ZTE Zxcloud Irai There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. | 7.8 |
| 2023-12-13 | CVE-2023-31210 | Uncontrolled Search Path Element vulnerability in Checkmk 2.2.0 Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of malicious libraries | 7.8 |
| 2023-12-12 | CVE-2020-28369 | Uncontrolled Search Path Element vulnerability in Beyondtrust Privilege Management for Windows In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp. | 7.8 |
| 2023-12-12 | CVE-2023-41117 | Uncontrolled Search Path Element vulnerability in Enterprisedb Postgres Advanced Server An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. | 9.8 |
| 2023-12-07 | CVE-2023-48861 | Uncontrolled Search Path Element vulnerability in Baidu Ttplayer 7.0.2 DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll. | 7.8 |
| 2023-12-04 | CVE-2023-41613 | Uncontrolled Search Path Element vulnerability in Ezviz Studio 2.2.0 EzViz Studio v2.2.0 is vulnerable to DLL hijacking. | 7.8 |
| 2023-12-01 | CVE-2023-45252 | Uncontrolled Search Path Element vulnerability in Huddly Huddlycameraservice DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges. | 7.8 |
| 2023-11-30 | CVE-2023-47452 | Uncontrolled Search Path Element vulnerability in Notepad-Plus-Plus Notepad++ 6.5 An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory. | 7.8 |