8722 matches found
CVE-2025-40945
A vulnerability has been identified in COMOS V10.4.5 All versions V10.4.5.0.2, COMOS V10.6 All versions V10.6.1, Designcenter NX All versions V2512.7000, Simcenter 3D All versions V2512.7000, Simcenter Femap V2506 All versions V2506.0003, Simcenter Femap V2512 All versions V2512.0002, Simcenter...
CVE-2025-40945
A vulnerability has been identified in COMOS V10.4.5 All versions V10.4.5.0.2, COMOS V10.6 All versions V10.6.1, Designcenter NX All versions V2512.7000, Simcenter 3D All versions V2512.7000, Simcenter Femap V2506 All versions V2506.0003, Simcenter Femap V2512 All versions V2512.0002, Simcenter...
CVE-2025-40945
CVE-2025-40945 affects multiple Siemens/Siemens Digital Industries software (e.g., COMOS, Designcenter NX, Simcenter suite, Solid Edge, Teamcenter Visualization, Tecnomatix, etc.) across numerous versions. The vulnerability is described as an untrusted search path in the IAM Client SDK that may a...
CVE-2026-48364
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Sco...
CVE-2026-48363
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Sco...
CVE-2026-48363 ColdFusion | Uncontrolled Search Path Element (CWE-427)
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Sco...
CVE-2026-48363
CVE-2026-48363 affects ColdFusion versions 2025.9, 2023.20 and earlier. It is an Uncontrolled Search Path Element vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (the victim must open a malicious file). The issue...
CVE-2026-48364 ColdFusion | Uncontrolled Search Path Element (CWE-427)
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Sco...
CVE-2026-48364
CVE-2026-48364 affects ColdFusion versions 2025.9, 2023.20 and earlier. It is an Uncontrolled Search Path Element vulnerability that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file); the impact is ...
CVE-2026-15515
A security vulnerability has been detected in Tencent PC Manager 18.1.30242.301. This issue affects some unknown processing in the library qmudisk64.sys of the component QMUDisk Driver. The manipulation leads to uncontrolled search path. The attack must be carried out locally. The attack is...
CVE-2026-15515
The CVE-2026-15515 entry concerns Tencent PC Manager (version 18.1.30242.301) and its QMUDisk Driver component, specifically the qmudisk64.sys library. The vulnerability is described as an uncontrolled search path issue in the QMUDisk Driver, exploitable only via a local attack. The description n...
CVE-2026-56437
Uncontrolled search path element issue exists in Pupsman versions prior to 3.9.0. If a crafted DLL file is placed in the same folder as the affected installer and the installer is executed, arbitrary code may be executed with SYSTEM privilege...
EUVD-2026-42165
Uncontrolled search path element issue exists in Pupsman versions prior to 3.9.0. If a crafted DLL file is placed in the same folder as the affected installer and the installer is executed, arbitrary code may be executed with SYSTEM privilege...
CVE-2026-56437
Uncontrolled search path element issue exists in Pupsman versions prior to 3.9.0. If a crafted DLL file is placed in the same folder as the affected installer and the installer is executed, arbitrary code may be executed with SYSTEM privilege...
CVE-2026-56437
The CVE-2026-56437 issue affects Pupsman versions prior to 3.9.0. An Uncontrolled search path element allows arbitrary code execution with SYSTEM privileges if a crafted DLL is placed in the same folder as the affected installer and the installer is executed. No exploitation details or fixes are ...
PYSEC-2026-1477 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Impact On Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration files affecting other users. Only shared Windows systems with multiple users and unprotected %PROGRAMDATA% are affected...
CVE-2026-6901
Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5...
CVE-2026-6901 Untrusted Search Path
Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5...
EUVD-2026-41870
Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5...
CVE-2026-6901
CVE-2026-6901 affects B&R Industrial Automation GmbH APROL (pre-R 4.4-01P5). The vulnerability is described as an Untrusted Search Path issue. According to the provided metrics, the impact is high for confidentiality and integrity (CVSS v3.1: HIGH/C:H/I:H; LOCAL access, no user interaction) with ...