Lucene search
K

32 matches found

Cvelist
Cvelist
added 2026/06/16 3:16 p.m.27 views

CVE-2024-22451

Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious executable, leading to arbitrary code execution...

6.7CVSS0.00099EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 9:32 p.m.11 views

JLSEC-2026-68

The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. Code in /usr/lib is not necessarily safe for loading into ssh-agent. NOTE: this issue exists because o...

9.8CVSS7.5AI score0.76768EPSS
Exploits10References40
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.5 views

NewStart CGSL MAIN 6.06 (SP) : openssh Vulnerability (NS-SA-2026-0030)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has openssh packages installed that are affected by a vulnerability: - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to a...

9.8CVSS7.8AI score0.76768EPSS
Exploits13References3
RedhatCVE
RedhatCVE
added 2026/02/20 1:22 a.m.4 views

CVE-2026-25926

Notepad++ is a free and open-source source code editor. An Unsafe Search Path vulnerability CWE-426 exists in versions prior to 8.9.2 when launching Windows Explorer without an absolute executable path. This may allow execution of a malicious explorer.exe if an attacker can control the process...

7.3CVSS6.5AI score0.00248EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/02/20 12:0 a.m.40 views

Notepad++ < 8.9.2 Unsafe Search Path (GHSA-rjvm-fcxw-2jxq)

The version of Notepad++ installed on the remote host is prior to 8.9.2. It is, therefore, affected by a vulnerability: - An Unsafe Search Path vulnerability CWE-426 exists when launching Windows Explorer without an absolute executable path. This may allow execution of a malicious explorer.exe if...

7.3CVSS9.2AI score0.00248EPSS
Exploits1References2
NVD
NVD
added 2026/02/19 12:16 a.m.10 views

CVE-2026-25926

Notepad++ is a free and open-source source code editor. An Unsafe Search Path vulnerability CWE-426 exists in versions prior to 8.9.2 when launching Windows Explorer without an absolute executable path. This may allow execution of a malicious explorer.exe if an attacker can control the process...

7.3CVSS0.00248EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2026/02/18 7:40 a.m.25 views

Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design th...

7.7CVSS7.1AI score0.01268EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/02/16 12:0 a.m.7 views

PT-2026-20553

Name of the Vulnerable Software and Affected Versions Notepad++ versions prior to 8.9.2 Description Notepad++ is a free and open-source source code editor. An Unsafe Search Path issue CWE-426 exists when launching Windows Explorer without an absolute executable path. This could allow execution of...

7.3CVSS6.6AI score0.00248EPSS
Exploits1References14
EUVD
EUVD
added 2025/12/09 6:11 p.m.4 views

EUVD-2025-202184

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAINFY.DLL from its application directo without sufficient integrity validation or secure search order. If the...

8.5CVSS7.1AI score0.00158EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/02 9:49 p.m.4 views

EUVD-2025-200373

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...

7.8CVSS6.9AI score0.00439EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-15164

Malware in sbrugna...

9.3CVSS7.7AI score0.02613EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-19432

Malware in sbrugna...

7.8CVSS7.6AI score0.00243EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/23 12:0 a.m.1 views

Salesforce CLI 安全漏洞

Salesforce CLI is a command line tool from Salesforce, Inc. that interacts with the Salesforce platform. A security vulnerability exists in Salesforce CLI versions prior to 2.106.6 that stems from an uncontrolled search path element that could lead to the replacement of trusted executables...

8.8CVSS9.1AI score0.00441EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 3:43 p.m.7 views

CVE-2020-9287

An Unsafe Search Path vulnerability in FortiClient EMS online installer 6.2.1 and below may allow a local attacker with control over the directory in which FortiClientEMSOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious Filter Library DLL files in that...

7.8CVSS7.5AI score0.00599EPSS
Exploits0References1
OSV
OSV
added 2024/05/03 3:15 a.m.2 views

CVE-2023-44439

Ashlar-Vellum Xenon Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Xenon. User interaction is required to exploit this vulnerability in that the target must visit...

8.8CVSS6.2AI score0.00825EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/08/02 8:0 a.m.5 views

openssh: Remote code execution in ssh-agent PKCS#11 support

A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...

9.8CVSS8.1AI score0.76768EPSS
Exploits10References5
RedHat Linux
RedHat Linux
added 2023/08/01 9:36 a.m.6 views

openssh: Remote code execution in ssh-agent PKCS#11 support

A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...

9.8CVSS8.1AI score0.76768EPSS
Exploits10References5
OSV
OSV
added 2023/07/20 3:15 a.m.12 views

AZL-27651 CVE-2023-38408 affecting package openssh for versions less than 8.9p1-1

The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. Code in /usr/lib is not necessarily safe for loading into ssh-agent. NOTE: this issue exists because o...

9.8CVSS7.5AI score0.76768EPSS
Exploits10References1
OSV
OSV
added 2023/07/20 3:15 a.m.4 views

ALPINE-CVE-2023-38408

The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. Code in /usr/lib is not necessarily safe for loading into ssh-agent. NOTE: this issue exists because o...

9.8CVSS8.2AI score0.76768EPSS
Exploits10References1
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.4 views

Intel NUC Pro Software Suite 代码问题漏洞

Intel NUC Pro Software Suite is an application from Intel Corporation USA. A security vulnerability exists in Intel NUC Pro Software Suite versions prior to 2.0.0.3, which stems from the presence of an uncontrolled search path that could allow an authenticated user to potentially enable privilege...

7.8CVSS7.3AI score0.00169EPSS
Exploits0References2
Rows per page
Query Builder