Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-26 | CVE-2022-39245 | Untrusted Search Path vulnerability in Makedeb Mist Mist is the command-line interface for the makedeb Package Repository. | 7.8 |
| 2022-09-08 | CVE-2022-36403 | Untrusted Search Path vulnerability in Ricoh Device Software Manager Untrusted search path vulnerability in the installer of Device Software Manager prior to Ver.2.20.3.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2022-07-12 | CVE-2021-36666 | Untrusted Search Path vulnerability in Druva Insync Client An issue was discovered in Druva 6.9.0 for MacOS, allows attackers to gain escalated local privileges via the inSyncDecommission. | 7.8 |
| 2022-05-20 | CVE-2022-28964 | Untrusted Search Path vulnerability in Avast Premium Security 19.8.2393/20.8.2429 An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file. | 7.1 |
| 2022-04-22 | CVE-2022-29583 | Untrusted Search Path vulnerability in Service Project Service service_windows.go in the kardianos service package for Go omits quoting that is sometimes needed for execution of a Windows service executable from the intended directory. | 7.8 |
| 2022-04-20 | CVE-2022-24826 | Untrusted Search Path vulnerability in GIT Large File Storage Project GIT Large File Storage On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting the attacker to execute arbitrary code. | 7.8 |
| 2022-03-21 | CVE-2022-26183 | Untrusted Search Path vulnerability in Pnpm PNPM v6.15.1 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute PNPM commands in a directory containing malicious content. | 8.8 |
| 2022-03-21 | CVE-2022-26184 | Untrusted Search Path vulnerability in Python-Poetry Poetry Poetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry commands in a directory containing malicious content. | 9.8 |
| 2022-03-10 | CVE-2022-26488 | Untrusted Search Path vulnerability in multiple products In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. | 7.0 |
| 2022-02-19 | CVE-2022-25366 | Untrusted Search Path vulnerability in Cryptomator Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. | 7.8 |