Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries

Overview OM Workspace provided by OM Digital Solutions Corporation is image editing software. Installer of OM Workspace Windows Edition contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element...

Installer of M-Audio M-Track Duo HD may insecurely load Dynamic Link Libraries

Overview The installer of M-Track Duo HD provided by M-Audio contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-25676 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc...

CVE-2021-22775

A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software...

CVE-2020-7474

A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProSoft Configurator v1.002 and prior, for the PMEPXM0100 H module, which could cause the execution of untrusted code when using double click to open a project file which may trigger execution of a malicious DLL...

EUVD-2019-16379

Malware in sbrugna...

EUVD-2018-1957

Malware in sbrugna...

EUVD-2023-43099

Malicious code in bioql PyPI...

EUVD-2021-9910

Malicious code in bioql PyPI...

EUVD-2022-37703

Malicious code in bioql PyPI...

CVE-2025-23177

CVE-2025-23177 affects Ribbon Communications Apollo 9608 SBC. Connected sources identify the issue as CWE-427: Uncontrolled Search Path Element, with specific mentions of Apollo 9608 version v9.6R3 being implicated (PT-2025-18181 and CNNVD-202504-3975 align on this version). The Red Hat/NVD/CVE r...

Siemens Questa and ModelSim

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVE-2024-45246

CVE-2024-45246 concerns Diebold Nixdorf Vynamic View Console with an Uncontrolled Search Path Element (CWE-427). Public sources indicate affected versions are prior to 5.9.5 (CNNVD) and that the issue could enable arbitrary code execution and privilege escalation. The CNNVD description additional...

CVE-2024-45246 Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element

Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element...

CVE-2024-45246 Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element

Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element...

GHSA-R4PF-3V7R-HH55 electron-builder's NSIS installer - execute arbitrary code on the target machine (Windows only)

Impact Windows-Only: The NSIS installer makes a system call to open cmd.exe via NSExec in the .nsh installer script. NSExec by default searches the current directory of where the installer is located before searching PATH. This means that if an attacker can place a malicious executable file named...

Security Bulletin: NVIDIA GPU Display Driver - October 2023

NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin. To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software and Cloud Gaming updates,...

CVE-2023-39374

ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element...

CVE-2023-39374

CVE-2023-39374 affects ForeScout NAC SecureConnector 11.2. The issue is described as CWE-427: Uncontrolled Search Path Element, attributed to an uncontrolled search path element in the affected software. According to NVD/NVD-derived metrics, the vulnerability is rated CVSS v3.1 base score 7.8 (HI...

CVE-2023-39374 ForeScout NAC SecureConnector – CWE-427: Uncontrolled Search Path Element

ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element...

CVE-2023-39374 ForeScout NAC SecureConnector – CWE-427: Uncontrolled Search Path Element

ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element...