Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-29 | CVE-2019-5429 | Untrusted Search Path vulnerability in multiple products Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory. | 7.8 |
| 2019-04-26 | CVE-2019-9798 | Untrusted Search Path vulnerability in Mozilla Firefox On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. | 7.4 |
| 2019-04-25 | CVE-2018-18367 | Untrusted Search Path vulnerability in Symantec Endpoint Protection Manager Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. | 7.8 |
| 2019-04-25 | CVE-2018-18369 | Untrusted Search Path vulnerability in Symantec products Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. | 7.8 |
| 2019-04-19 | CVE-2019-11351 | Untrusted Search Path vulnerability in Teamspeak TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework. | 8.8 |
| 2019-04-17 | CVE-2019-8453 | Untrusted Search Path vulnerability in Checkpoint Zonealarm Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. | 5.5 |
| 2019-04-17 | CVE-2018-10959 | Untrusted Search Path vulnerability in Beyondtrust Avecto Defendpoint Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's process launch. | 7.5 |
| 2019-04-10 | CVE-2019-6154 | Untrusted Search Path vulnerability in Lenovo Bootable USB A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system. | 7.8 |
| 2019-04-09 | CVE-2019-0809 | Untrusted Search Path vulnerability in Microsoft Visual Studio 2017 15.9 A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution Vulnerability'. | 7.8 |
| 2019-03-21 | CVE-2018-18913 | Untrusted Search Path vulnerability in Opera Browser Opera before 57.0.3098.106 is vulnerable to a DLL Search Order hijacking attack where an attacker can send a ZIP archive composed of an HTML page along with a malicious DLL to the target. | 7.8 |