Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK
2022-11-17 CVE-2022-23748 Untrusted Search Path vulnerability in Audinate Dante Enabled Zoom Rooms 1.3.0.0
mDNSResponder.exe is vulnerable to DLL Sideloading attack.
local
low complexity
audinate CWE-426
7.8
2022-11-09 CVE-2022-31253 Untrusted Search Path vulnerability in Opensuse Openldap2
A Untrusted Search Path vulnerability in openldap2 of openSUSE Factory allows local attackers with control of the ldap user or group to change ownership of arbitrary directory entries to this user/group, leading to escalation to root.
local
low complexity
opensuse CWE-426
7.8
2022-10-28 CVE-2022-3734 Untrusted Search Path vulnerability in Redis
** DISPUTED ** A vulnerability was found in a port or fork of Redis.
network
low complexity
redis CWE-426
critical
9.8
2022-10-27 CVE-2022-0074 Untrusted Search Path vulnerability in Litespeedtech Openlitespeed
Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation.
network
low complexity
litespeedtech CWE-426
8.8
2022-10-24 CVE-2022-41796 Untrusted Search Path vulnerability in Sony Content Transfer 1.3
Untrusted search path vulnerability in the installer of Content Transfer (for Windows) Ver.1.3 and prior allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
sony CWE-426
7.8
2022-07-12 CVE-2022-31012 Untrusted Search Path vulnerability in Gitforwindows GIT 2.34.1
Git for Windows is a fork of Git that contains Windows-specific patches.
4.4
2022-05-20 CVE-2022-28964 Untrusted Search Path vulnerability in Avast Premium Security 19.8.2393/20.8.2429
An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file.
local
avast CWE-426
5.4
2022-04-22 CVE-2022-29583 Untrusted Search Path vulnerability in Service Project Service
service_windows.go in the kardianos service package for Go omits quoting that is sometimes needed for execution of a Windows service executable from the intended directory.
local
low complexity
service-project CWE-426
4.6
2022-04-20 CVE-2022-24826 Untrusted Search Path vulnerability in GIT Large File Storage Project GIT Large File Storage
On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting the attacker to execute arbitrary code.
4.4
2022-03-31 CVE-2022-25348 Untrusted Search Path vulnerability in Hibara Attachecase
Untrusted search path vulnerability in AttacheCase ver.4.0.2.7 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory.
local
hibara CWE-426
4.4