Lucene search
+L

2646 matches found

nvd
nvd
added 2 days ago6 views

CVE-2026-48272

Creative Cloud Desktop is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scop...

7.8CVSS0.00131EPSS
Exploits0References1
cve
cve
added 2 days ago11 views

CVE-2026-48272

CVE-2026-48272 affects Creative Cloud Desktop and involves an Uncontrolled Search Path Element (CWE-427) that could lead to arbitrary code execution in the context of the current user. Exploitation is local, does not require user interaction, and the attack surface is constrained by the patch/sco...

7.8CVSS6.5AI score0.00131EPSS
Exploits0References1
cvelist
cvelist
added 2 days ago38 views

CVE-2026-48272 Creative Cloud Desktop | Uncontrolled Search Path Element (CWE-427)

Creative Cloud Desktop is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scop...

7.8CVSS0.00131EPSS
Exploits0References1
nvd
nvd
added 3 days ago4 views

CVE-2026-48364

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Sco...

8.2CVSS0.00158EPSS
Exploits0References1
cve
cve
added 3 days ago15 views

CVE-2026-48363

CVE-2026-48363 affects ColdFusion versions 2025.9, 2023.20 and earlier. It is an Uncontrolled Search Path Element vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (the victim must open a malicious file). The issue...

8.2CVSS6.5AI score0.00158EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 3 days ago32 views

CVE-2026-48363 ColdFusion | Uncontrolled Search Path Element (CWE-427)

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Sco...

8.2CVSS0.00158EPSS
Exploits0References1
cve
cve
added 3 days ago30 views

CVE-2026-48364

CVE-2026-48364 affects ColdFusion versions 2025.9, 2023.20 and earlier. It is an Uncontrolled Search Path Element vulnerability that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file); the impact is ...

8.2CVSS6.5AI score0.00158EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 3 days ago32 views

CVE-2026-48364 ColdFusion | Uncontrolled Search Path Element (CWE-427)

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Sco...

8.2CVSS0.00158EPSS
Exploits0References1
cve
cve
added 3 days ago20 views

CVE-2026-15515

The CVE-2026-15515 entry concerns Tencent PC Manager (version 18.1.30242.301) and its QMUDisk Driver component, specifically the qmudisk64.sys library. The vulnerability is described as an uncontrolled search path issue in the QMUDisk Driver, exploitable only via a local attack. The description n...

7.3CVSS6.3AI score0.00116EPSS
Exploits0References5
cvelist
cvelist
added 3 days ago37 views

CVE-2026-15515 Tencent PC Manager QMUDisk Driver qmudisk64.sys uncontrolled search path

A security vulnerability has been detected in Tencent PC Manager 18.1.30242.301. This issue affects some unknown processing in the library qmudisk64.sys of the component QMUDisk Driver. The manipulation leads to uncontrolled search path. The attack must be carried out locally. The attack is...

7.3CVSS0.00116EPSS
Exploits0References5
ptsecurity
ptsecurity
added 3 days ago5 views

PT-2026-57864

Name of the Vulnerable Software and Affected Versions ColdFusion versions 2025.9 and earlier ColdFusion versions 2023.20 and earlier Description An Uncontrolled Search Path Element issue exists that could allow arbitrary code execution in the context of the current user. This occurs when the...

8.2CVSS6.5AI score0.00158EPSS
Exploits0References5
cve
cve
added 2026/07/08 4:38 a.m.9 views

CVE-2026-56437

The CVE-2026-56437 issue affects Pupsman versions prior to 3.9.0. An Uncontrolled search path element allows arbitrary code execution with SYSTEM privileges if a crafted DLL is placed in the same folder as the affected installer and the installer is executed. No exploitation details or fixes are ...

8.4CVSS7.2AI score0.00134EPSS
Exploits0References2
cvelist
cvelist
added 2026/07/08 4:38 a.m.34 views

CVE-2026-56437

Uncontrolled search path element issue exists in Pupsman versions prior to 3.9.0. If a crafted DLL file is placed in the same folder as the affected installer and the installer is executed, arbitrary code may be executed with SYSTEM privilege...

8.4CVSS0.00134EPSS
Exploits0References2
euvd
euvd
added 2026/07/08 4:38 a.m.7 views

EUVD-2026-42165

Uncontrolled search path element issue exists in Pupsman versions prior to 3.9.0. If a crafted DLL file is placed in the same folder as the affected installer and the installer is executed, arbitrary code may be executed with SYSTEM privilege...

8.4CVSS6.1AI score0.00134EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/07/08 4:38 a.m.7 views

CVE-2026-56437

Uncontrolled search path element issue exists in Pupsman versions prior to 3.9.0. If a crafted DLL file is placed in the same folder as the affected installer and the installer is executed, arbitrary code may be executed with SYSTEM privilege...

8.4CVSS7.2AI score0.00134EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/07/07 4:2 p.m.5 views

PYSEC-2026-1477 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Impact On Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration files affecting other users. Only shared Windows systems with multiple users and unprotected %PROGRAMDATA% are affected...

7.3CVSS7.1AI score0.00154EPSS
Exploits0References6
cve
cve
added 2026/06/30 10:15 p.m.21 views

CVE-2026-54672

CVE-2026-54672 : The issue affects electron-updater with AppImage targets built by app-builder-lib prior to 26.15.0. At runtime, an empty path component in LD_LIBRARY_PATH can cause the current working directory to be added to the dynamic linker search path, potentially enabling an attacker to pl...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References2
cve
cve
added 2026/06/26 8:16 p.m.11 views

CVE-2026-46710

Notepad++ is affected by a local privilege escalation vulnerability in the installer (CVE-2026-46710) detected in versions 8.9.4–8.9.6. During installation, the installer launches powershell.exe without an absolute path after setting the working directory to the installation contextMenu directory...

7.8CVSS5.8AI score0.00108EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2026/06/23 5:16 p.m.8 views

CVE-2025-13162

Uncontrolled Search Path Element vulnerability in ABB Control Builder A, ABB 800xA for Advant Master. This issue affects Control Builder A: through 1.4/4; 800xA for Advant Master: through 6.0.3-1, through 6.1.1-1, 6.1.1-3, 6.2.0-1...

4.4CVSS0.00083EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/23 4:12 p.m.44 views

CVE-2025-13162 Advant Master Online Builder DLL vulnerability

Uncontrolled Search Path Element vulnerability in ABB Control Builder A, ABB 800xA for Advant Master. This issue affects Control Builder A: through 1.4/4; 800xA for Advant Master: through 6.0.3-1, through 6.1.1-1, 6.1.1-3, 6.2.0-1...

4.4CVSS0.00083EPSS
Exploits0References1
Rows per page
Query Builder