Vulnerabilities > Untrusted Search Path

DATE CVE VULNERABILITY TITLE RISK
2022-02-19 CVE-2022-25366 Untrusted Search Path vulnerability in Cryptomator
Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements.
local
low complexity
cryptomator CWE-426
7.8
2022-01-26 CVE-2021-45975 Untrusted Search Path vulnerability in Acer Care Center 4.00.3000
In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack.
local
low complexity
acer CWE-426
7.8
2022-01-12 CVE-2022-0014 Untrusted Search Path vulnerability in Palo Alto Networks Cortex XDR Agent
An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker with file creation privilege in the Windows root directory (such as C:\) to store a program that can then be unintentionally executed by another local user when that user utilizes a Live Terminal session.
local
low complexity
paloaltonetworks CWE-426
7.3
2021-11-17 CVE-2021-33063 Untrusted Search Path vulnerability in Intel RealSense D400 Series Universal Windows Platform Driver
Uncontrolled search path in the Intel(R) RealSense(TM) D400 Series UWP driver for Windows 10 before version 6.1.160.22 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-426
7.8
2021-11-15 CVE-2020-12892 Untrusted Search Path vulnerability in AMD Radeon Software 20.11.2/20.7.1
An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution.
local
low complexity
amd CWE-426
7.8
2021-10-27 CVE-2011-4125 Untrusted Search Path vulnerability in Calibre-Ebook Calibre
An untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivileged users to execute any program as root.
network
low complexity
calibre-ebook CWE-426
critical
9.8
2021-10-07 CVE-2021-26556 Untrusted Search Path vulnerability in Octopus Deploy
When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.
local
low complexity
octopus CWE-426
7.8
2021-10-07 CVE-2021-26557 Untrusted Search Path vulnerability in Octopus Tentacle
When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.
local
low complexity
octopus CWE-426
7.8
2021-09-28 CVE-2021-36297 Untrusted Search Path vulnerability in Dell SupportAssist for Home PCs
SupportAssist Client versions 3.8 and 3.9 contain an untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary DLLs,
local
low complexity
dell CWE-426
7.8
2021-09-17 CVE-2021-41387 Untrusted Search Path vulnerability in Seatd Project Seatd
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root.
network
low complexity
seatd-project CWE-426
8.8