Vulnerabilities > Untrusted Search Path

| Date | CVE | Vulnerability title | Description | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|
| 2021-07-21 | CVE-2021-25699 | Untrusted Search Path vulnerability in Teradici PCoIP Client 19.08.3 | The OpenSSL component of the Teradici PCoIP Software Client prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process by placing a specially crafted DLL in a build configuration directory. | teradici | CWE-426 | local, low complexity, 7.8 |
| 2021-04-30 | CVE-2021-26807 | Untrusted Search Path vulnerability in GOG Galaxy 2.0.28.9 | GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgcc_s_dw2-1.dll and libwinpthread-1.dll from PATH, which allows an attacker to potentially run code locally through unsigned DLL loading. | gog | CWE-426 | local, low complexity, 7.8 |
| 2021-04-09 | CVE-2021-29221 | Untrusted Search Path vulnerability in Erlang Erlang/OTP | A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. | erlang | CWE-426 | local, high complexity, 7.0 |
| 2021-04-08 | CVE-2021-3146 | Untrusted Search Path vulnerability in Dolby Audio X2 | The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges. | dolby | CWE-426 | local, low complexity, 7.8 |
| 2021-03-26 | CVE-2021-28249 | Untrusted Search Path vulnerability in CA eHealth Performance Manager | CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. | ca | CWE-426 | local, low complexity, 8.8 |
| 2021-03-26 | CVE-2021-28246 | Untrusted Search Path vulnerability in Broadcom eHealth | CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. | broadcom | CWE-426 | local, low complexity, 7.8 |
| 2021-02-12 | CVE-2021-22980 | Untrusted Search Path vulnerability in F5 BIG-IP Access Policy Manager | In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow an attacker to load a malicious DLL library from its current directory. | f5 | CWE-426 | local, low complexity, 7.8 |
| 2021-01-13 | CVE-2020-35686 | Untrusted Search Path vulnerability in Sound Research DCHU Model Software Component Modules 2.0.9.17 | The SECOMN service in Sound Research DCHU model software component modules (APO) through 2.0.9.17, delivered on HP Windows 10 computers, may allow escalation of privilege via a fake DLL. | soundresearch | CWE-426 | local, low complexity, 7.8 |
| 2020-12-15 | CVE-2020-29482 | Untrusted Search Path vulnerability in multiple products | An issue was discovered in Xen through 4.14.x. | xen, debian, fedoraproject | CWE-426 | local, low complexity, 6.0 |
| 2020-11-20 | CVE-2020-4739 | Untrusted Search Path vulnerability in IBM DB2 | IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking vulnerability in the Microsoft Windows client. | ibm | CWE-426 | local, low complexity, 7.8 |