Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-26 | CVE-2022-39245 | Untrusted Search Path vulnerability in Makedeb Mist Mist is the command-line interface for the makedeb Package Repository. | 7.8 |
| 2022-07-12 | CVE-2022-22047 | Untrusted Search Path vulnerability in Microsoft products Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | 7.8 |
| 2022-07-12 | CVE-2022-31012 | Untrusted Search Path vulnerability in Gitforwindows GIT 2.34.1 Git for Windows is a fork of Git that contains Windows-specific patches. | 4.4 |
| 2022-07-12 | CVE-2021-36666 | Untrusted Search Path vulnerability in Druva Insync Client An issue was discovered in Druva 6.9.0 for MacOS, allows attackers to gain escalated local privileges via the inSyncDecommission. | 7.8 |
| 2022-05-20 | CVE-2022-28964 | Untrusted Search Path vulnerability in Avast Premium Security 19.8.2393/20.8.2429 An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file. | 5.4 |
| 2022-04-22 | CVE-2022-29583 | Untrusted Search Path vulnerability in Service Project Service service_windows.go in the kardianos service package for Go omits quoting that is sometimes needed for execution of a Windows service executable from the intended directory. | 7.8 |
| 2022-04-20 | CVE-2022-24826 | Untrusted Search Path vulnerability in GIT Large File Storage Project GIT Large File Storage On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting the attacker to execute arbitrary code. | 4.4 |
| 2022-03-21 | CVE-2022-26183 | Untrusted Search Path vulnerability in Pnpm PNPM v6.15.1 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute PNPM commands in a directory containing malicious content. | 8.8 |
| 2022-03-21 | CVE-2022-26184 | Untrusted Search Path vulnerability in Python-Poetry Poetry Poetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry commands in a directory containing malicious content. | 9.8 |
| 2022-03-10 | CVE-2022-26488 | Untrusted Search Path vulnerability in multiple products In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. | 7.0 |