Lucene search
K

50 matches found

CVE
CVE
added 2025/09/23 1:11 p.m.18 views

CVE-2025-9844

CVE-2025-9844 (Salesforce CLI on Windows) Affected software: Salesforce CLI (Salesforce) on Windows.Root cause: Uncontrolled Search Path Element that can lead to replacement of a trusted executable.Impact: Potential code execution through replacing a trusted executable; CVSS v3.1 base score 8.8 (...

8.8CVSS6.6AI score0.00441EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/17 6:33 a.m.27 views

CVE-2025-9016

A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is...

7.3CVSS7.1AI score0.00151EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/12 8:36 p.m.6 views

CVE-2025-49571 Substance3D - Modeler | Uncontrolled Search Path Element (CWE-427)

Substance3D - Modeler versions 1.22.0 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses an uncontrolled search path to locate critical resources such as programs, ...

7.8CVSS0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.4 views

Trend Micro Apex One Data Loss Prevention 代码问题漏洞

Trend Micro Apex One Data Loss Prevention is a data exfiltration prevention system from Trend Micro. A security vulnerability exists in Trend Micro Apex One Data Loss Prevention that stems from an uncontrolled search path that could lead to the execution of arbitrary code...

8.8CVSS6.7AI score0.0079EPSS
Exploits0References4
NVD
NVD
added 2025/05/24 5:15 p.m.17 views

CVE-2025-5129

A vulnerability has been found in Sangfor 零信任访问控制系统 aTrust 2.3.10.60 and classified as critical. Affected by this vulnerability is an unknown functionality in the library MSASN1.dll. The manipulation leads to uncontrolled search path. Local access is required to approach this attack. The complexi...

7.3CVSS0.0025EPSS
Exploits1References5
NVD
NVD
added 2025/05/11 11:15 a.m.71 views

CVE-2025-4539

A vulnerability was found in Hainan ToDesk 4.7.6.3. It has been declared as critical. This vulnerability affects unknown code in the library profapi.dll of the component DLL File Parser. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The...

7.3CVSS0.00179EPSS
Exploits0References5
NVD
NVD
added 2025/05/11 6:15 a.m.19 views

CVE-2025-4532

A vulnerability classified as critical has been found in Shanghai Bairui Information Technology SunloginClient 15.8.3.19819. This affects an unknown part in the library process.dll of the file sunloginguard.exe. The manipulation leads to uncontrolled search path. Local access is required to...

7.3CVSS0.00168EPSS
Exploits0References4
OSV
OSV
added 2025/04/09 7:15 p.m.3 views

CVE-2025-2629

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path...

7.8CVSS6AI score0.00184EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/20 12:0 a.m.4 views

PT-2025-7322

Name of the Vulnerable Software and Affected Versions Carrier - Block Load versions 4.00 through 4.16 Description An uncontrolled search path element issue exists, potentially allowing an attacker to perform DLL hijacking and execute arbitrary code with elevated privileges. This issue is reported...

7.8CVSS5.9AI score0.00356EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2024/11/17 12:0 a.m.9 views

PT-2024-8540 · Unknown +3 · Needrestart +3

Name of the Vulnerable Software and Affected Versions: needrestart versions prior to 3.8 Description: The issue is related to an uncontrolled search path element in the needrestart utility. Exploitation of this issue may allow an attacker to execute arbitrary code in the context of the root user ...

7.8CVSS9AI score0.19924EPSS
Exploits16References60
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.5 views

Intel High Level Synthesis Compiler 代码问题漏洞

Intel High Level Synthesis Compiler is a High Level Synthesis HLS tool from Intel Corporation. A code issue vulnerability exists in Intel High Level Synthesis Compiler that stems from an uncontrolled search path. An attacker could exploit this vulnerability to gain elevated privileges...

6.7CVSS7AI score0.00176EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.5 views

The vulnerability of the Dell Peripheral Manager software relates to an uncontrolled search path element, which allows a perpetrator to escalate their privileges or execute arbitrary code.

The vulnerability of the Dell Peripheral Manager software relates to an uncontrolled search path element. Exploiting this vulnerability can allow attackers to enhance their privileges or execute arbitrary code...

7.3CVSS5.8AI score0.00202EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/08/14 2:15 p.m.3 views

CVE-2024-24977

Uncontrolled search path for some IntelR License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.5 views

PT-2024-7024 · Microsoft +1 · Windows +2

Name of the Vulnerable Software and Affected Versions: Intel Ethernet Adapter Complete Driver Pack versions affected versions not specified IntelR Ethernet Connection I219-LM affected versions not specified Description: The issue is related to an uncontrolled search path element in the installer...

6.7CVSS6.9AI score0.00154EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/16 12:0 a.m.14 views

Intel Processor Diagnostic Tool 安全漏洞

Intel Processor Diagnostic Tool IPDT is a processor functionality diagnostic tool from Intel Corporation USA. A security vulnerability previously existed in Intel Processor Diagnostic Tool version 4.1.9.41, which stemmed from an uncontrolled search path issue. It could allow an authenticated user...

7.8CVSS6.6AI score0.00189EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/17 12:0 a.m.5 views

PeaZip Code Issue Vulnerability

PeaZip is a free Zip software and Rar extractor from the individual developer Giorgio Tani. A code issue vulnerability exists in PeaZip version 9.4.0, which stems from an uncontrolled search path issue...

7.8CVSS7.1AI score0.00302EPSS
Exploits0References4
NVD
NVD
added 2023/11/27 2:15 p.m.20 views

CVE-2023-4931

Uncontrolled search path element vulnerability in Plesk Installer affects version 3.27.0.0. A local attacker could execute arbitrary code by injecting DLL files into the same folder where the application is installed, resulting in DLL hijacking in edputil.dll, samlib.dll, urlmon.dll, sspicli.dll,...

7.8CVSS0.00249EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/21 12:0 a.m.5 views

Duet Display Security Vulnerability

Duet Display is a remote desktop application. A security vulnerability exists in Duet Display version 2.5.9.1 that stems from the presence of an uncontrolled search path element vulnerability. An attacker can place an arbitrary libusk.dll file in the C:UsersuserAppDataLocalMicrosoftWindowsApps...

7.8CVSS7.7AI score0.0026EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/11/17 12:0 a.m.6 views

The vulnerability of the software installer for SanDisk SecureAccess drives allows a hacker to execute arbitrary code.

The vulnerability of the software installer for SanDisk SecureAccess drives relates to an uncontrolled search path element. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.3CVSS7.6AI score0.00246EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/09/30 12:0 a.m.4 views

Caphyon Ltd Advanced Installer Code Issue Vulnerability

Caphyon Ltd Advanced Installer is a powerful and easy-to-use Windows installer authoring tool from Caphyon Romania. It is used to install, update and configure products safely and reliably. A code issue vulnerability exists in Caphyon Ltd Advanced Installer version 19.7. An attacker could exploit...

7.8CVSS7AI score0.00387EPSS
Exploits1References5
Rows per page
Query Builder