Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK
2021-08-18 CVE-2021-37617 Untrusted Search Path vulnerability in Nextcloud Desktop
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer.
4.4
2021-08-17 CVE-2021-3633 Untrusted Search Path vulnerability in Lenovo Drivers Management 2.7.1128.1046
A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation.
local
lenovo CWE-426
6.9
2021-08-11 CVE-2021-36770 Untrusted Search Path vulnerability in multiple products
Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading.
6.8
2021-08-03 CVE-2021-21562 Untrusted Search Path vulnerability in Dell EMC Powerscale Onefs
Dell EMC PowerScale OneFS contains an untrusted search path vulnerability.
local
low complexity
dell CWE-426
2.1
2021-07-21 CVE-2021-25698 Untrusted Search Path vulnerability in Teradici Pcoip Stnadard Agent
The OpenSSL component of the Teradici PCoIP Standard Agent prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory.
4.4
2021-07-21 CVE-2021-25699 Untrusted Search Path vulnerability in Teradici Pcoip Client 19.08.3
The OpenSSL component of the Teradici PCoIP Software Client prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory.
4.4
2021-05-24 CVE-2021-20722 Untrusted Search Path vulnerability in Fujitsu Scansnap Manager
Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the installer via a Trojan horse DLL in an unspecified directory.
4.4
2021-05-24 CVE-2021-20726 Untrusted Search Path vulnerability in Overwolf 0.149.2.30
Untrusted search path vulnerability in The Installer of Overwolf 2.168.0.n and earlier allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the installer via a Trojan horse DLL in an unspecified directory.
4.4
2021-04-30 CVE-2021-26807 Untrusted Search Path vulnerability in GOG Galaxy 2.0.28.9
GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgcc_s_dw2-1.dll and libwinpthread-1.dll from PATH, which allows an attacker to potentially run code locally through unsigned DLL loading.
local
gog CWE-426
4.4
2021-04-08 CVE-2021-3146 Untrusted Search Path vulnerability in Dolby Audio X2
The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges.
local
low complexity
dolby CWE-426
4.6