Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-26 | CVE-2018-0596 | Untrusted Search Path vulnerability in Microsoft Visual Studio Community Untrusted search path vulnerability in the installer of Visual Studio Community allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-06-26 | CVE-2018-0595 | Untrusted Search Path vulnerability in Microsoft Skype Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-06-26 | CVE-2018-0594 | Untrusted Search Path vulnerability in Microsoft Skype Untrusted search path vulnerability in Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-06-26 | CVE-2018-0593 | Untrusted Search Path vulnerability in Microsoft Onedrive Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-06-26 | CVE-2018-0592 | Untrusted Search Path vulnerability in Microsoft Onedrive Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-06-26 | CVE-2018-0563 | Untrusted Search Path vulnerability in Ntt-East products Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and earlier versions and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and earlier versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-06-22 | CVE-2018-1000201 | Untrusted Search Path vulnerability in Ruby-Ffi Project Ruby-Ffi ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later. | 7.8 |
| 2018-06-11 | CVE-2017-7755 | Untrusted Search Path vulnerability in Mozilla Firefox The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. | 7.8 |
| 2018-06-11 | CVE-2018-6514 | Untrusted Search Path vulnerability in Puppet In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation. | 7.8 |
| 2018-06-11 | CVE-2018-6513 | Untrusted Search Path vulnerability in Puppet and Puppet Enterprise Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7, Puppet Enterprise 2018.1.x prior to 2018.1.1, Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2, were vulnerable to an attack where an unprivileged user on Windows agents could write custom facts that can escalate privileges on the next puppet run. | 8.8 |