Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK
2019-06-03 CVE-2019-12569 Untrusted Search Path vulnerability in Rakuten Viber
A vulnerability in Viber before 10.7.0 for Desktop (Windows) could allow an attacker to execute arbitrary commands on a targeted system.
local
low complexity
rakuten CWE-426
7.8
2019-05-28 CVE-2019-5589 Untrusted Search Path vulnerability in Fortinet Forticlient
An Unsafe Search Path vulnerability in FortiClient Online Installer (Windows version before 6.0.6) may allow an unauthenticated, remote attacker with control over the directory in which FortiClientOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious .dll files in that directory.
local
low complexity
fortinet CWE-426
7.8
2019-05-17 CVE-2018-16156 Untrusted Search Path vulnerability in Fujitsu Paperstream IP (Twain) 1.42.0.5685
In PaperStream IP (TWAIN) 1.42.0.5685 (Service Update 7), the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkic_Fjicube_32 named pipe.
local
low complexity
fujitsu CWE-426
7.8
2019-05-17 CVE-2019-5958 Untrusted Search Path vulnerability in Soumu Electronic Reception and Examination of Application for Radio Licenses 1.0.9.0
Untrusted search path vulnerability in Electronic reception and examination of application for radio licenses Offline 1.0.9.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
soumu CWE-426
7.8
2019-05-17 CVE-2019-5957 Untrusted Search Path vulnerability in Soumu Electronic Reception and Examination of Application for Radio Licenses 1.0.9.0
Untrusted search path vulnerability in Installer of Electronic reception and examination of application for radio licenses Online 1.0.9.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
soumu CWE-426
7.8
2019-04-29 CVE-2019-5429 Untrusted Search Path vulnerability in multiple products
Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.
7.8
2019-04-26 CVE-2019-9798 Untrusted Search Path vulnerability in Mozilla Firefox
On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications.
network
high complexity
mozilla CWE-426
7.4
2019-04-25 CVE-2018-18367 Untrusted Search Path vulnerability in Symantec Endpoint Protection Manager
Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
local
low complexity
symantec CWE-426
7.8
2019-04-25 CVE-2018-18369 Untrusted Search Path vulnerability in Symantec products
Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
local
low complexity
symantec CWE-426
7.8
2019-04-19 CVE-2019-11351 Untrusted Search Path vulnerability in Teamspeak
TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework.
network
low complexity
teamspeak CWE-426
8.8