Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK
2018-03-09 CVE-2018-0544 Untrusted Search Path vulnerability in Woodybells Winshot
Untrusted search path vulnerability in WinShot 1.53a and earlier (Installer) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
woodybells CWE-426
7.8
2018-03-09 CVE-2018-0543 Untrusted Search Path vulnerability in Woodybells Jtrim
Untrusted search path vulnerability in Jtrim 1.53c and earlier (Installer) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
woodybells CWE-426
7.8
2018-02-26 CVE-2018-7484 Untrusted Search Path vulnerability in Purevpn 5.19.4.0
An issue was discovered in PureVPN through 5.19.4.0 on Windows.
local
low complexity
purevpn CWE-426
7.8
2018-02-16 CVE-2018-6218 Untrusted Search Path vulnerability in Trendmicro products
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.
local
high complexity
trendmicro CWE-426
7.0
2018-02-16 CVE-2018-0516 Untrusted Search Path vulnerability in Flets Address Selection Tool 4.0/6.0
Untrusted search path vulnerability in FLET'S v4 / v6 address selection tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
flets CWE-426
7.8
2018-02-16 CVE-2018-0515 Untrusted Search Path vulnerability in Flets Azukeru Backup Tool 1.5.2.6
Untrusted search path vulnerability in "FLET'S Azukeru Backup Tool" version 1.5.2.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
flets CWE-426
7.8
2018-02-13 CVE-2017-1711 Untrusted Search Path vulnerability in IBM Client Application Access and Notes
IBM iNotes 8.5 and 9.0 SUService can be misguided into running malicious code from a DLL masquerading as a windows DLL in the temp directory.
local
low complexity
ibm CWE-426
7.8
2018-02-08 CVE-2018-0517 Untrusted Search Path vulnerability in Kddi Anshin NET Security
Untrusted search path vulnerability in Anshin net security for Windows Version 16.0.1.44 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
kddi CWE-426
7.8
2018-02-05 CVE-2018-6461 Untrusted Search Path vulnerability in March-Hare Wincvs
March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory.
local
low complexity
march-hare CWE-426
7.8
2018-02-02 CVE-2018-6318 Untrusted Search Path vulnerability in Sophos Tester 3.2.0.7
In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context of the application used to test an exploit or ransomware) the DLL using a payload that runs from NTDLL.DLL (so, it's run in userland), but the driver doesn't perform any validation of this DLL (not its signature, not its hash, etc.).
local
low complexity
sophos CWE-426
7.8