Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK
2020-06-26 CVE-2020-3768 Untrusted Search Path vulnerability in Adobe Coldfusion 2016/2018
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a dll search-order hijacking vulnerability.
local
low complexity
adobe CWE-426
7.8
2020-06-10 CVE-2020-7279 Untrusted Search Path vulnerability in Mcafee Host Intrusion Prevention 8.0.0
DLL Search Order Hijacking Vulnerability in the installer component of McAfee Host Intrusion Prevention System (Host IPS) for Windows prior to 8.0.0 Patch 15 Update allows attackers with local access to execute arbitrary code via execution from a compromised folder.
local
low complexity
mcafee CWE-426
7.8
2020-06-09 CVE-2019-6196 Untrusted Search Path vulnerability in Lenovo Installation Package
A symbolic link vulnerability in some Lenovo installation packages, prior to version 1.2.9.3, could allow privileged file operations during file extraction and installation.
local
low complexity
lenovo CWE-426
7.3
2020-06-09 CVE-2019-6173 Untrusted Search Path vulnerability in Lenovo Installation Package
A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileges.
local
low complexity
lenovo CWE-426
6.5
2020-06-04 CVE-2018-21241 Untrusted Search Path vulnerability in Foxitsoftware Phantompdf
An issue was discovered in Foxit PhantomPDF before 8.3.6.
local
low complexity
foxitsoftware CWE-426
7.8
2020-06-04 CVE-2020-13813 Untrusted Search Path vulnerability in Foxitsoftware Foxit Studio Photo
An issue was discovered in Foxit Studio Photo before 3.6.6.922.
local
low complexity
foxitsoftware CWE-426
7.8
2020-06-04 CVE-2020-13812 Untrusted Search Path vulnerability in Foxitsoftware Foxit Studio Photo
An issue was discovered in Foxit Studio Photo before 3.6.6.922.
local
low complexity
foxitsoftware CWE-426
7.8
2020-06-01 CVE-2020-4019 Untrusted Search Path vulnerability in Atlassian Companion
The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via a untrusted search path vulnerability.
local
low complexity
atlassian CWE-426
7.8
2020-04-22 CVE-2020-7490 Untrusted Search Path vulnerability in Schneider-Electric Vijeo Designer
A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior), which could cause arbitrary code execution on the system running Vijeo Basic when a malicious DLL library is loaded by the Product.
local
low complexity
schneider-electric CWE-426
7.8
2020-04-21 CVE-2020-8895 Untrusted Search Path vulnerability in Google Earth
Untrusted Search Path vulnerability in the windows installer of Google Earth Pro versions prior to 7.3.3 allows an attacker to insert malicious local files to execute unauthenticated remote code on the targeted system.
local
low complexity
google CWE-426
7.8