Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK
2021-02-12 CVE-2021-22980 Untrusted Search Path vulnerability in F5 products
In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow an attacker to load a malicious DLL library from its current directory.
local
f5 CWE-426
6.9
2021-02-11 CVE-2021-21055 Untrusted Search Path vulnerability in Adobe Dreamweaver
Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure.
local
low complexity
adobe CWE-426
2.1
2021-01-29 CVE-2020-35145 Untrusted Search Path vulnerability in Acronis True Image
Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a DLL hijacking vulnerability in multiple components, aka an Untrusted Search Path issue.
4.4
2021-01-15 CVE-2021-21237 Untrusted Search Path vulnerability in GIT Large File Storage Project GIT Large File Storage
Git LFS is a command line extension for managing large files with Git.
4.6
2021-01-13 CVE-2021-20616 Untrusted Search Path vulnerability in Skygroup Skysea Client View 12.200.12N/15.210.05F
Untrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver.16.001.01g allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
4.4
2021-01-13 CVE-2020-35686 Untrusted Search Path vulnerability in Soundresearch Dchu Model Software Component Modules
The SECOMN service in Sound Research DCHU model software component modules (APO) through 2.0.9.17, delivered on HP Windows 10 computers, may allow escalation of privilege via a fake DLL.
4.4
2020-12-15 CVE-2020-29482 Untrusted Search Path vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen debian CWE-426
4.9
2020-11-24 CVE-2020-5674 Untrusted Search Path vulnerability in Epson products
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
epson CWE-426
4.4
2020-11-20 CVE-2020-4739 Untrusted Search Path vulnerability in IBM DB2
IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client.
local
ibm CWE-426
6.9
2020-11-18 CVE-2020-27697 Untrusted Search Path vulnerability in Trendmicro products
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product.
6.9