Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-18 | CVE-2020-27695 | Untrusted Search Path vulnerability in Trendmicro products Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a local directory which can lead to obtaining administrative privileges during the installation of the product. | 7.8 |
| 2020-11-02 | CVE-2020-6014 | Untrusted Search Path vulnerability in Checkpoint Endpoint Security E80.96/E81.30 Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. | 6.5 |
| 2020-10-28 | CVE-2020-5144 | Untrusted Search Path vulnerability in Sonicwall Global VPN Client 4.10.4.0314 SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability. | 7.8 |
| 2020-10-23 | CVE-2020-5977 | Untrusted Search Path vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure. | 7.8 |
| 2020-10-14 | CVE-2020-8338 | Untrusted Search Path vulnerability in Lenovo Diagnostics A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system. | 7.8 |
| 2020-09-30 | CVE-2020-6654 | Untrusted Search Path vulnerability in Eaton 9000X Programming and Configuration Software 2.0.38 A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL. | 7.8 |
| 2020-09-16 | CVE-2020-10733 | Untrusted Search Path vulnerability in Postgresql The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. | 7.3 |
| 2020-09-14 | CVE-2020-0570 | Untrusted Search Path vulnerability in multiple products Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. | 7.3 |
| 2020-09-10 | CVE-2020-7315 | Untrusted Search Path vulnerability in Mcafee Agent 5.0.0 DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL. | 6.7 |
| 2020-09-04 | CVE-2020-4545 | Untrusted Search Path vulnerability in IBM Aspera Connect 3.9.8/3.9.9 IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. | 7.8 |