IP Setting Software may insecurely load Dynamic Link Libraries

Overview IP Setting Software provided by i-PRO Co., Ltd. contains the following vulnerability in the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-34488 i-PRO Co., Ltd. reported this vulnerability to IPA to notify...

GreenShot 代码问题漏洞

GreenShot is a lightweight screenshot software tool for Windows developed by GreenShot Inc. Versions of Greenshot 1.3.312 and earlier contained a code vulnerability that stemmed from an insecure search path for executable files. This vulnerability could allow local attackers to execute arbitrary...

ROS-20260209-73-0039

A vulnerability in the Agent component of the Zabbix IT infrastructure monitoring system is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker to gain write access to arbitrary system files in the /home/cecuser directory...

ROS-20260209-73-0041

A vulnerability in the Agent component of the Zabbix IT infrastructure monitoring system is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker to gain write access to arbitrary system files in the /home/cecuser directory...

ROS-20260209-73-0040

A vulnerability in the Agent component of the Zabbix IT infrastructure monitoring system is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker to gain write access to arbitrary system files in the /home/cecuser directory...

ROS-20260209-73-0036

Vulnerability in pgbouncer related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker to escalate their privileges...

CVE-2026-0776

Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Discord Client. An attacker must first obtain the ability to execute low-privileged code on the target system in...

CVE-2026-21427

The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer...

CVE-2025-34396

MailEnable

Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries

Overview Installer of RakurakuMusen Start EX for Windows provided by NEC Corporation uses an inappropriate DLL search path list, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2025-12852 Impact Arbitrary code may be executed with the...

ROS-20251113-05

A vulnerability in the NVIDIA display driver is related to a synchronization issue. Exploitation of the vulnerability could allow an attacker to execute arbitrary code, escalate privileges, cause a denial of service, and disclose sensitive information A vulnerability in the NVIDIA display driver ...

ROS-20251028-11

A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors. NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...

Installer of AutoDownloader may insecurely load Dynamic Link Libraries

Overview Installer of AutoDownloader provided by Panasonic Connect Co., Ltd. contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2025-11223 Kazuma Matsumoto of GMO Cybersecurity ...

Elastic Beats filebeat < 9.1.0 Privilege Escalation

The version of Elastic Beats filebeat installed on the remote host is prior to 9.1.0. It is, therefore, affected by a vulnerability. An uncontrolled search path element vulnerability can lead to local privilege Escalation LPE via Insecure Directory Permissions. The vulnerability arises from...

ROS-20250724-07

A vulnerability in the Microsoft .NET software platform and Microsoft's software development tool Visual Studio is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

NI LabVIEW（National Instruments LabVIEW） 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW National Instruments LabVIEW version 2025 Q1 and earlier, which stems from an uncontrolled search path that could lead to the execution o...

PT-2024-7214 · Microsoft · 365 Apps For Enterprise +1

Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Microsoft 365 Apps for Enterprise affected versions not specified Description: The issue is related to the use of an insecure search path in Microsoft Office and Microsoft 365 Apps for Enterpri...

PT-2024-19080 · Intel · Intel Processor Diagnostic Tool

Name of the Vulnerable Software and Affected Versions: IntelR Processor Diagnostic Tool versions prior to 4.1.9.41 Description: The issue is related to an uncontrolled search path in the IntelR Processor Diagnostic Tool software. This may allow an authenticated user to potentially enable escalati...

ROS-20240329-05

Vulnerability in the vim text editor is related to the use of an insecure search path. Exploitation exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in the vimregsubboth function of the vim text editor is caused by a buffer overflow in dynamic...

ROS-20240212-01

A vulnerability in the PKCS11 function of the ssh-agent component of the OpenSSH cryptographic security tool is related to the following the use of an insecure search path. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute...