Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-26 | CVE-2021-45975 | Untrusted Search Path vulnerability in Acer Care Center 4.00.3000 In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack. | 7.8 |
| 2022-01-12 | CVE-2022-0014 | Untrusted Search Path vulnerability in Paloaltonetworks Cortex XDR Agent An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker with file creation privilege in the Windows root directory (such as C:\) to store a program that can then be unintentionally executed by another local user when that user utilizes a Live Terminal session. | 7.3 |
| 2021-11-17 | CVE-2021-33063 | Untrusted Search Path vulnerability in Intel Realsense D400 Series Universal Windows Platform Driver Uncontrolled search path in the Intel(R) RealSense(TM) D400 Series UWP driver for Windows 10 before version 6.1.160.22 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2021-11-15 | CVE-2020-12892 | Untrusted Search Path vulnerability in AMD Radeon Software 20.11.2/20.7.1 An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution. | 7.8 |
| 2021-10-07 | CVE-2021-26556 | Untrusted Search Path vulnerability in Octopus Deploy When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access. | 7.8 |
| 2021-10-07 | CVE-2021-26557 | Untrusted Search Path vulnerability in Octopus Tentacle When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access. | 7.8 |
| 2021-09-28 | CVE-2021-36297 | Untrusted Search Path vulnerability in Dell Supportassist for Home PCS SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll's, | 7.8 |
| 2021-09-17 | CVE-2021-41387 | Untrusted Search Path vulnerability in Seatd Project Seatd seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root. | 8.8 |
| 2021-08-03 | CVE-2021-21562 | Untrusted Search Path vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. | 4.4 |
| 2021-07-21 | CVE-2021-25698 | Untrusted Search Path vulnerability in Teradici Pcoip Standard Agent The OpenSSL component of the Teradici PCoIP Standard Agent prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory. | 7.8 |