251 matches found
CVE-2025-5470
Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275...
CVE-2025-5471
Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1...
CVE-2025-5469
Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245...
CVE-2025-5469 Dylib Hijacking in Yandex Messenger
Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245...
CVE-2025-5469 Dylib Hijacking in Yandex Messenger
Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245...
PT-2025-50090
Name of the Vulnerable Software and Affected Versions Yandex Telemost versions prior to 2.19.1 Description An uncontrolled search path element issue exists in Yandex Telemost on MacOS, enabling search order hijacking. This allows an attacker to potentially manipulate the system's search path to...
CVE-2025-64695
Uncontrolled search path element issue exists in the installer of LogStare Collector for Windows. If exploited, arbitrary code may be executed with the privilege of the user invoking the installer...
CVE-2025-64695
Uncontrolled search path element issue exists in the installer of LogStare Collector for Windows. If exploited, arbitrary code may be executed with the privilege of the user invoking the installer...
CVE-2025-64695
Uncontrolled search path element issue exists in the installer of LogStare Collector for Windows. If exploited, arbitrary code may be executed with the privilege of the user invoking the installer...
EUVD-2025-198417
Uncontrolled search path element issue exists in the installer of LogStare Collector for Windows. If exploited, arbitrary code may be executed with the privilege of the user invoking the installer...
CVE-2025-23358
NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit of this vulnerability might lead to code execution and escalation of privileges...
Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart
Po...
JLSEC-2025-181 Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may all...
Uncontrolled search path element in the IntelR oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-26860
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26860
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
RSUPPORT RemoteCall Remote Support Program 代码问题漏洞
RSUPPORT RemoteCall Remote Support Program is a remote assistance software from the Korean company RSUPPORT. A code issue vulnerability exists in RSUPPORT RemoteCall Remote Support Program versions prior to 5.3.0, which stems from an uncontrolled search path element that could lead to the executi...
EUVD-2025-34235
An Uncontrolled Search Path Element vulnerability CWE-427 in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder...
CVE-2025-57716
FortiClient on Windows is affected by an Uncontrolled Search Path Element (CWE-427) vulnerability across FortiClient versions 7.0–7.2.11 and 7.4.0–7.4.3. The issue enables local, low-privilege users to perform a DLL hijacking attack by placing a malicious DLL in the FortiClient Online Installer i...
PT-2025-41961
Name of the Vulnerable Software and Affected Versions FortiClient versions 7.0 through 7.2.11 and 7.4.0 through 7.4.3 Description An uncontrolled search path element issue exists in FortiClient on Windows. A local, low-privileged user could potentially perform a DLL hijacking attack by placing a...
Uncontrolled Search Path Element
tkeasygui is vulnerable to Uncontrolled Search Path Element. The vulnerability is due to improper control over the directories searched for executable files, which allows an attacker to place malicious files in a trusted path and execute arbitrary code with the privileges of the running program...