Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK
2024-05-14 CVE-2024-28133 A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root privileges. 
local
low complexity
CWE-426
7.8
2024-03-18 CVE-2024-20754 Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user.
local
high complexity
CWE-426
7.5
2024-02-07 CVE-2024-24810 Untrusted Search Path vulnerability in Firegiant WIX Toolset
WiX toolset lets developers create installers for Windows Installer, the Windows installation engine.
local
low complexity
firegiant CWE-426
7.8
2024-02-06 CVE-2024-23304 Untrusted Search Path vulnerability in Cybozu Kunai 3.0.20/3.0.21
Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by performing certain operations.
network
low complexity
cybozu CWE-426
7.5
2024-02-04 CVE-2021-4435 Untrusted Search Path vulnerability in Yarnpkg Yarn
An untrusted search path vulnerability was found in Yarn.
local
low complexity
yarnpkg CWE-426
7.8
2024-01-17 CVE-2024-22410 Untrusted Search Path vulnerability in Gluwa Creditcoin
Creditcoin is a network that enables cross-blockchain credit transactions.
local
low complexity
gluwa CWE-426
7.8
2024-01-11 CVE-2024-22190 Untrusted Search Path vulnerability in Gitpython Project Gitpython
GitPython is a python library used to interact with Git repositories.
local
low complexity
gitpython-project CWE-426
7.8
2023-12-22 CVE-2023-48670 Untrusted Search Path vulnerability in Dell Supportassist for Home PCS 3.14.2.45116
Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer.
local
low complexity
dell CWE-426
7.8
2023-12-08 CVE-2023-6061 Untrusted Search Path vulnerability in Iconics Suite
Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability.
local
low complexity
iconics CWE-426
7.8
2023-11-16 CVE-2023-26031 Untrusted Search Path vulnerability in Apache Hadoop 3.3.1/3.3.2/3.3.4
Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges.
network
high complexity
apache CWE-426
7.5