Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-08 | CVE-2025-27743 | Untrusted search path in System Center allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-03-11 | CVE-2025-27167 | Untrusted Search Path vulnerability in Adobe Illustrator Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. | 7.8 |
| 2025-02-27 | CVE-2025-1755 | Untrusted Search Path vulnerability in multiple products MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\node_modules\. | 7.8 |
| 2025-02-27 | CVE-2025-1756 | Untrusted Search Path vulnerability in multiple products mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\node_modules\. | 7.8 |
| 2025-01-27 | CVE-2025-0732 | A vulnerability, which was classified as problematic, has been found in Discord up to 1.0.9177 on Windows. | 4.5 |
| 2025-01-27 | CVE-2025-0733 | A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows. | 4.5 |
| 2025-01-24 | CVE-2025-0707 | A vulnerability was found in Rise Group Rise Mode Temp CPU 2.1. | 7.8 |
| 2025-01-20 | CVE-2024-13524 | A vulnerability has been found in obsproject OBS Studio up to 30.0.2 on Windows and classified as problematic. | 4.5 |
| 2025-01-19 | CVE-2025-0567 | A vulnerability classified as problematic was found in Epic Games Launcher up to 17.2.1. | 4.5 |
| 2025-01-15 | CVE-2024-53407 | Untrusted Search Path vulnerability in Phiewer 4.1.0 In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially leading to remote control and unauthorized access to sensitive user data. | 3.3 |