Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK
2017-05-22 CVE-2017-2175 Untrusted Search Path vulnerability in IPA Empirical Project Monitor - Extended
Untrusted search path vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
ipa CWE-426
7.8
2017-05-22 CVE-2016-7804 Untrusted Search Path vulnerability in 7-Zip
Untrusted search path vulnerability in 7 Zip for Windows 16.02 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
7-zip CWE-426
7.8
2017-05-22 CVE-2016-4901 Untrusted Search Path vulnerability in National TAX Agency E-Tax
Untrusted search path vulnerability in The installer of e-Tax Software all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
national-tax-agency CWE-426
7.8
2017-05-22 CVE-2016-4900 Untrusted Search Path vulnerability in Evernote
Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
evernote CWE-426
7.8
2017-05-12 CVE-2017-2167 Untrusted Search Path vulnerability in Softbank Primedrive Desktop Application 1.4.3/1.4.4
Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory.
local
low complexity
softbank CWE-426
7.8
2017-05-12 CVE-2017-2157 Untrusted Search Path vulnerability in Jpki the Public Certification Service for Individuals 2.6/3.0.1/3.1
Untrusted search path vulnerability in installers for The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for Windows Vista)", The Public Certification Service for Individuals "The JPKI user's software" Ver2.6 and earlier that were available until April 27, 2017 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
jpki CWE-426
7.3
2017-05-03 CVE-2017-5236 Untrusted Search Path vulnerability in Rapid7 Appspider PRO
Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
local
low complexity
rapid7 CWE-426
7.8
2017-04-28 CVE-2017-2156 Untrusted Search Path vulnerability in Vivaldi Installer for Windows
Untrusted search path vulnerability in Vivaldi installer for Windows prior to version 1.7.735.48 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.
local
low complexity
vivaldi CWE-426
7.8
2017-04-28 CVE-2017-2149 Untrusted Search Path vulnerability in Toshiba Flashair
Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Configuration Software V3.0.2 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WE series<W-03>) V3.00.01, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WD/WC series<W-02>) V2.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WB/WL series) V1.00.04 and earlier, SDHC Memory Card with embedded TransferJet functionality Configuration Software V1.02 and earlier, SDHC Memory Card with embedded TransferJet functionality Software Update tool V1.00.06 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
network
low complexity
toshiba CWE-426
8.8
2017-04-28 CVE-2017-2130 Untrusted Search Path vulnerability in Securebrain Phishwall Client 3.7.13/3.7.8.1
Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer version Ver.
local
low complexity
securebrain CWE-426
7.8