Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK
2017-04-28 CVE-2017-2108 Untrusted Search Path vulnerability in Softbank Primedrive Desktop Application 1.4.3
Untrusted search path vulnerability in PrimeDrive Desktop Application 1.4.3 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
softbank CWE-426
7.8
2017-04-28 CVE-2017-2107 Untrusted Search Path vulnerability in Akky 7-Zip32.Dll
Untrusted search path vulnerability in Self-extracting archive files created by 7-ZIP32.DLL 9.22.00.01 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
akky CWE-426
7.8
2017-04-21 CVE-2016-4846 Untrusted Search Path vulnerability in Securebrain Phishwall Client 3.7.8.1
Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer before 3.7.8.2.
local
low complexity
securebrain CWE-426
7.8
2017-04-12 CVE-2017-3007 Untrusted Search Path vulnerability in Adobe Creative Cloud
Adobe Thor versions 3.9.5.353 and earlier have a vulnerability in the directory search path used to find resources, related to Creative Cloud desktop applications.
local
low complexity
adobe CWE-426
7.8
2017-03-15 CVE-2017-6189 Untrusted Search Path vulnerability in Amazon Kindle for PC 1.17.44183/1.3.0.30884
Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.
local
low complexity
amazon CWE-426
7.3
2017-03-14 CVE-2017-2983 Untrusted Search Path vulnerability in Adobe Shockwave Player
Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading (DLL hijacking) vulnerability.
local
low complexity
adobe CWE-426
7.8
2017-03-10 CVE-2017-6798 Untrusted Search Path vulnerability in Trendmicro Endpoint Sensor 1.6
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208.
local
low complexity
trendmicro CWE-426
7.8
2017-03-02 CVE-2017-5235 Untrusted Search Path vulnerability in Rapid7 Metasploit 4.11.7/4.12.40/4.13.0
Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
local
low complexity
rapid7 CWE-426
7.8
2017-03-02 CVE-2017-5234 Untrusted Search Path vulnerability in Rapid7 Insight Collector 1.0.15
Rapid7 Insight Collector installers prior to version 1.0.16 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
local
low complexity
rapid7 CWE-426
7.8
2017-03-02 CVE-2017-5233 Untrusted Search Path vulnerability in Rapid7 Appspider PRO
Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
local
low complexity
rapid7 CWE-426
7.8