Vulnerabilities > Untrusted Search Path
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-04 | CVE-2018-1888 | Untrusted Search Path vulnerability in IBM I Access 6.1/7.1 An untrusted search path vulnerability in IBM i Access for Windows versions 7.1 and earlier on Windows can allow arbitrary code execution via a Trojan horse DLL in the current working directory, related to use of the LoadLibrary function. | 7.8 |
2018-12-20 | CVE-2018-18629 | Untrusted Search Path vulnerability in Keybase An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. | 7.8 |
2018-12-20 | CVE-2018-7365 | Untrusted Search Path vulnerability in ZTE Usmartview and Zxcloud Irai All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations. | 7.2 |
2018-11-29 | CVE-2018-12245 | Untrusted Search Path vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. | 7.8 |
2018-11-23 | CVE-2018-19486 | Untrusted Search Path vulnerability in multiple products Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to execv during 2017. | 9.8 |
2018-11-19 | CVE-2018-18519 | Untrusted Search Path vulnerability in Bestxsoftware Best Free Keylogger 5.2.9 BestXsoftware Best Free Keylogger before 6.0.0 allows local users to gain privileges via a Trojan horse "%PROGRAMFILES%\BFK 5.2.9\syscrb.exe" file because of insecure permissions for the BUILTIN\Users group. | 7.8 |
2018-11-15 | CVE-2018-0692 | Untrusted Search Path vulnerability in Baidu Spark Browser Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2018-11-09 | CVE-2018-1802 | Untrusted Search Path vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full access to the DB2 instance account by loading a malicious shared library. | 7.8 |
2018-10-17 | CVE-2018-15974 | Untrusted Search Path vulnerability in Adobe Framemaker Adobe Framemaker versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. | 7.8 |
2018-10-15 | CVE-2018-17980 | Untrusted Search Path vulnerability in Nomachine NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. | 7.8 |