Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-23 | CVE-2019-3587 | Untrusted Search Path vulnerability in Mcafee Total Protection 4.0.161.1/4.0.176.1/4.6 DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.18 allows local users to execute arbitrary code via execution from a compromised folder. | 6.5 |
| 2019-01-18 | CVE-2018-15983 | Untrusted Search Path vulnerability in Adobe Flash Player Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading (dll hijacking) vulnerability. | 7.8 |
| 2019-01-09 | CVE-2018-16182 | Untrusted Search Path vulnerability in Rakuten-Sec Market Speed 16.4 Untrusted search path vulnerability in the installer of MARKET SPEED Ver.16.4 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2019-01-09 | CVE-2018-16176 | Untrusted Search Path vulnerability in Jaea Mapping Tool 2.0.1.6/2.0.1.7 Untrusted search path vulnerability in Installer of Mapping Tool 2.0.1.6 and 2.0.1.7 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2019-01-09 | CVE-2018-0667 | Untrusted Search Path vulnerability in MNC Inplc-Rt SDK Express and Inplc SDK Pro+ Untrusted search path vulnerability in Installer of INplc SDK Express 3.08 and earlier and Installer of INplc SDK Pro+ 3.08 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2019-01-04 | CVE-2018-1888 | Untrusted Search Path vulnerability in IBM I Access 6.1/7.1 An untrusted search path vulnerability in IBM i Access for Windows versions 7.1 and earlier on Windows can allow arbitrary code execution via a Trojan horse DLL in the current working directory, related to use of the LoadLibrary function. | 7.8 |
| 2018-12-20 | CVE-2018-18629 | Untrusted Search Path vulnerability in Keybase An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. | 7.8 |
| 2018-12-20 | CVE-2018-7365 | Untrusted Search Path vulnerability in ZTE Usmartview and Zxcloud Irai All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations. | 7.2 |
| 2018-11-29 | CVE-2018-12245 | Untrusted Search Path vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. | 7.8 |
| 2018-11-23 | CVE-2018-19486 | Untrusted Search Path vulnerability in multiple products Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to execv during 2017. | 9.8 |