Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-02 | CVE-2017-5235 | Untrusted Search Path vulnerability in Rapid7 Metasploit 4.11.7/4.12.40/4.13.0 Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | 7.8 |
| 2017-03-02 | CVE-2017-5234 | Untrusted Search Path vulnerability in Rapid7 Insight Collector 1.0.15 Rapid7 Insight Collector installers prior to version 1.0.16 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | 7.8 |
| 2017-03-02 | CVE-2017-5233 | Untrusted Search Path vulnerability in Rapid7 Appspider PRO Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | 7.8 |
| 2017-03-02 | CVE-2017-5232 | Untrusted Search Path vulnerability in Rapid7 Nexpose All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | 7.8 |
| 2017-01-30 | CVE-2016-6167 | Untrusted Search Path vulnerability in Putty 0.67 Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory. | 7.8 |
| 2017-01-23 | CVE-2016-1417 | Untrusted Search Path vulnerability in Snort 2.9.7.0 Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed. | 8.8 |
| 2017-01-23 | CVE-2016-1281 | Untrusted Search Path vulnerability in Idrix Truecrypt and Veracrypt Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via a Trojan horse DLL in the "application directory", as demonstrated with the USP10.dll, RichEd20.dll, NTMarta.dll and SRClient.dll DLLs. | 7.8 |
| 2017-01-05 | CVE-2016-10009 | Untrusted Search Path vulnerability in Openbsd Openssh Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket. | 7.3 |
| 2016-12-29 | CVE-2016-7085 | Untrusted Search Path vulnerability in VMWare Workstation Player and Workstation PRO Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2016-12-20 | CVE-2016-7300 | Untrusted Search Path vulnerability in Microsoft Auto Updater for mac Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka "Microsoft (MAU) Office Elevation of Privilege Vulnerability." | 7.8 |