Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-23 | CVE-2021-26738 | Untrusted Search Path vulnerability in Zscaler Client Connector 3.6 Zscaler Client Connector for macOS prior to 3.7 had an unquoted search path vulnerability via the PATH variable. | 7.8 |
| 2023-09-12 | CVE-2023-39201 | Untrusted Search Path vulnerability in Zoom Cleanzoom Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to conduct an escalation of privilege via local access. | 6.7 |
| 2023-08-23 | CVE-2023-41105 | Untrusted Search Path vulnerability in multiple products An issue was discovered in Python 3.11 through 3.11.4. | 7.5 |
| 2023-08-11 | CVE-2022-43456 | Untrusted Search Path vulnerability in Intel Rapid Storage Technology Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-08-08 | CVE-2023-39212 | Untrusted Search Path vulnerability in Zoom Rooms Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access. | 5.5 |
| 2023-08-08 | CVE-2023-36540 | Untrusted Search Path vulnerability in Zoom Untrusted search path in the installer for Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. | 7.8 |
| 2023-07-11 | CVE-2023-36536 | Untrusted Search Path vulnerability in Zoom Rooms Untrusted search path in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access. | 7.8 |
| 2023-06-26 | CVE-2023-34144 | Untrusted Search Path vulnerability in Trendmicro Apex ONE An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34145. | 7.8 |
| 2023-06-26 | CVE-2023-34145 | Untrusted Search Path vulnerability in Trendmicro Apex ONE An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34144. | 7.8 |
| 2023-04-18 | CVE-2023-28143 | Untrusted Search Path vulnerability in Qualys Cloud Agent 2.5.175 Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7) installer allows a local escalation of privilege bounded only to the time of installation and only on older macOSX (macOS 10.15 and older) versions. Attackers may exploit incorrect file permissions to give them ROOT command execution privileges on the host. | 7.0 |