8693 matches found
CVE-2026-8637
A potential uncontrolled search path vulnerability was reported in the LanSchool Classic client application that could allow a local authenticated user to execute arbitrary code with elevated privileges...
PT-2026-48454
A potential uncontrolled search path vulnerability was reported in the LanSchool Classic client application that could allow a local authenticated user to execute arbitrary code with elevated privileges...
Security Bulletin: IBM i is Affected by Privilege Escalation [CVE-2026-7870]
Summary IBM i is vulnerable to privilege escalation due to an unqualified library call CVE-2026-7870 as described in the vulnerability details section. Vulnerability Details CVEID:CVE-2026-7870 DESCRIPTION: IBM i could allow a user to gain elevated privileges due to an unqualified library call. A...
CVE-2026-47937
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. An attacker with high privileges could exploit this vulnerability to execute arbitrary...
CVE-2026-47937 Acrobat Reader | Uncontrolled Search Path Element (CWE-427)
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. An attacker with high privileges could exploit this vulnerability to execute arbitrary...
CVE-2026-47937
CVE-2026-47937 affects Adobe Acrobat Reader up to version 24.001.30365 and 26.001.21651 (and earlier). The issue is an Uncontrolled Search Path Element (CWE-427) that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction : a victim must o...
EUVD-2026-35826
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...
CVE-2026-47937 Acrobat Reader | Uncontrolled Search Path Element (CWE-427)
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. An attacker with high privileges could exploit this vulnerability to execute arbitrary...
EUVD-2026-35515
Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally...
CVE-2026-48565
Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally...
CVE-2026-47648
Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally...
CVE-2026-48565
Windows Narrator Braille contains an untrusted search path vulnerability that can elevate privileges locally for an authorized user. Root cause is an untrusted search path in the Narrator Braille component, with an attacker able to exploit it without user interaction. CVSSv3.1 metrics indicate AV...
EUVD-2026-35585
Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally...
CVE-2026-47648
CVE-2026-47648 — Windows Storage contains an untrusted search path vulnerability that enables a locally authenticated attacker to perform privilege escalation. The issue arises from a trusted component loading an untrusted search path, potentially elevating privileges with high impact (C/H/I/H/A/...
Windows Narrator Braille Elevation of Privilege Vulnerability
Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally...
Privilege Escalation
AWS Advanced JDBC Wrapper is vulnerable to Privilege Escalation. The vulnerability is due to an untrusted search path issue in the GlobalDatabasePlugin, where a low-privileged authenticated user can create a crafted function that is executed when another user connects through the affected wrapper...
CamView installer insecurely loads Dynamic Link Libraries
Overview CamView installer provided by ARUCOM Inc. insecurely loads Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2015-9268 The CVSS evaluation above assume that a victim user is directed to download and place a specially crafted DLL file with the affected installer and t...
PT-2026-48103
Name of the Vulnerable Software and Affected Versions Microsoft Windows Narrator Braille affected versions not specified Description An untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally. This issue is related to an exposed dangerous...
Adobe Acrobat Reader 代码问题漏洞
Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. in the United States. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30365, 26.001.21651, and earlier versions have code vulnerabilities. These vulnerabilities...
PT-2026-48039
Name of the Vulnerable Software and Affected Versions Windows Storage affected versions not specified Description An untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. Privilege escalation occurs when an application searches for a required file i...