Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK
2019-10-16 CVE-2019-17664 Untrusted Search Path vulnerability in NSA Ghidra
NSA Ghidra through 9.0.4 uses a potentially untrusted search path.
local
low complexity
nsa CWE-426
7.8
2019-10-10 CVE-2019-17449 Untrusted Search Path vulnerability in Avira Software Updater 2.0.6.13175/2.0.6.17105/2.0.6.20377
Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack.
local
low complexity
avira CWE-426
6.7
2019-10-07 CVE-2019-3745 Untrusted Search Path vulnerability in Dell Encryption and Endpoint Security Suite Enterprise
The vulnerability is limited to the installers of Dell Encryption Enterprise versions prior to 10.4.0 and Dell Endpoint Security Suite Enterprise versions prior to 2.4.0.
local
low complexity
dell CWE-426
7.3
2019-10-01 CVE-2019-14960 Untrusted Search Path vulnerability in Jetbrains Rider
JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file.
local
low complexity
jetbrains CWE-426
7.8
2019-09-24 CVE-2019-13357 Untrusted Search Path vulnerability in Totaldefense Anti-Virus 9.0.0.773
In Total Defense Anti-virus 9.0.0.773, resource acquisition from the untrusted search path C:\ used by caschelp.exe allows local attackers to hijack ccGUIFrm.dll, which leads to code execution.
local
low complexity
totaldefense CWE-426
7.8
2019-09-17 CVE-2019-6826 Untrusted Search Path vulnerability in Schneider-Electric Somachine Hvac 2.1.0/2.4.1
A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product.
local
low complexity
schneider-electric CWE-426
7.8
2019-09-13 CVE-2019-11660 Untrusted Search Path vulnerability in Microfocus Data Protector
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40.
local
low complexity
microfocus CWE-426
7.8
2019-09-13 CVE-2019-3646 Untrusted Search Path vulnerability in Mcafee Total Protection 16.0.36/16.0.R18
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker with administrator rights.
local
low complexity
mcafee CWE-426
6.5
2019-08-29 CVE-2019-8461 Untrusted Search Path vulnerability in Checkpoint products
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed.
local
low complexity
checkpoint CWE-426
7.8
2019-08-21 CVE-2019-15295 Untrusted Search Path vulnerability in Bitdefender Antivirus 2020
An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path.
local
low complexity
bitdefender CWE-426
7.8