Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK

2019-09-17 CVE-2019-6826 Untrusted Search Path vulnerability in Schneider-Electric Somachine Hvac 2.1.0/2.4.1
A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product.
local | low complexity | schneider-electric | CWE-426 | 7.8

2019-09-13 CVE-2019-11660 Untrusted Search Path vulnerability in Microfocus Data Protector
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40.
local | low complexity | microfocus | CWE-426 | 7.8

2019-09-13 CVE-2019-3646 Untrusted Search Path vulnerability in Mcafee Total Protection 16.0.36/16.0.R18
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker with administrator rights.
local | low complexity | mcafee | CWE-426 | 6.5

2019-08-29 CVE-2019-8461 Untrusted Search Path vulnerability in Checkpoint products
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed.
local | low complexity | checkpoint | CWE-426 | 7.8

2019-08-21 CVE-2019-15295 Untrusted Search Path vulnerability in Bitdefender Antivirus 2020
An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path.
local | low complexity | bitdefender | CWE-426 | 7.8

2019-08-19 CVE-2019-6165 Untrusted Search Path vulnerability in Lenovo Yoga 700-11Isk Firmware and Yoga 700-14Isk Firmware
A DLL search path vulnerability was reported in PaperDisplay Hotkey Service version 1.2.0.8 that could allow privilege escalation.
local | low complexity | lenovo | CWE-426 | 7.8

2019-08-19 CVE-2019-5631 Untrusted Search Path vulnerability in Rapid7 Insightappsec
The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product.
local | low complexity | rapid7 | CWE-426 | 7.8

2019-08-01 CVE-2016-10837 Untrusted Search Path vulnerability in Cpanel
cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).
network | high complexity | cpanel | CWE-426 | 7.5

2019-07-26 CVE-2019-9492 Untrusted Search Path vulnerability in Trendmicro Officescan 11.0/Xg
A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection.
local | low complexity | trendmicro | CWE-426 | 7.8

2019-07-19 CVE-2019-1010100 Untrusted Search Path vulnerability in Akeo Rufus
Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking.
local | low complexity | akeo | CWE-426 | 7.8