Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-30 | CVE-2020-6654 | Untrusted Search Path vulnerability in Eaton 9000X Programming and Configuration Software 2.0.38 A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL. | 7.8 |
| 2020-09-16 | CVE-2020-10733 | Untrusted Search Path vulnerability in Postgresql The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. | 7.3 |
| 2020-09-14 | CVE-2020-0570 | Untrusted Search Path vulnerability in multiple products Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. | 7.3 |
| 2020-09-10 | CVE-2020-7315 | Untrusted Search Path vulnerability in Mcafee Agent 5.0.0 DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL. | 6.7 |
| 2020-09-04 | CVE-2020-4545 | Untrusted Search Path vulnerability in IBM Aspera Connect 3.9.8/3.9.9 IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. | 7.8 |
| 2020-08-24 | CVE-2020-14350 | Untrusted Search Path vulnerability in multiple products It was found that some PostgreSQL extensions did not use search_path safely in their installation script. | 7.3 |
| 2020-07-24 | CVE-2020-10610 | Untrusted Search Path vulnerability in Osisoft products In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, deletion, or modification. | 7.8 |
| 2020-07-24 | CVE-2020-8317 | Untrusted Search Path vulnerability in Lenovo Drivers Management A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges. | 7.8 |
| 2020-07-20 | CVE-2020-15009 | Untrusted Search Path vulnerability in Asus Screenpad2 Upgrade Tool 1.0.3 AsusScreenXpertServicec.exe and ScreenXpertUpgradeServiceManager.exe in ScreenPad2_Upgrade_Tool.msi V1.0.3 for ASUS PCs with ScreenPad 1.0 (UX450FDX, UX550GDX and UX550GEX) could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name. | 7.8 |
| 2020-07-17 | CVE-2020-15801 | Untrusted Search Path vulnerability in multiple products In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. | 9.8 |