CVE-2023-52945

Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors...

PT-2026-33412

A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It is indicated that...

PT-2026-23987

Name of the Vulnerable Software and Affected Versions UltraVNC version 1.6.4.0 Description A weakness exists in UltraVNC 1.6.4.0 on Windows. The issue affects an unknown function within the cryptbase.dll library of the Windows Service component, leading to an uncontrolled search path. Local acces...

Linux Distros Unpatched Vulnerability : CVE-2025-15569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function getsystemdpi of the file platform/x11/winmain.c. This...

Oracle Linux 8 : glibc (ELSA-2025-28054)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-28054 advisory. - CVE-2025-8058: Double free in regcomp RHEL-105326 - CVE-2025-4802: static setuid dlopen may search LDLIBRARYPATH RHEL-92685 Tenable has extracted the precedi...

CLSA-2025-1765379145 golang: Fix of CVE-2025-47906

CVE-2025-47906: fix issue where certain strings could cause executables in PATH variable to be returned by LookPath function...

Intel Killer 代码问题漏洞

Intel Killer is a wireless network card driver from Intel Corporation USA. A code issue vulnerability exists in Intel Killer versions prior to 4.0 40.25.509.1465, which stems from an uncontrolled search path that could lead to elevated privileges...

PT-2025-44234

Name of the Vulnerable Software and Affected Versions WTW EAGLE for Windows version 3.0.8.0 Description The installer for WTW EAGLE for Windows has a DLL search path issue that could allow for the insecure loading of Dynamic Link Libraries. This could potentially lead to the execution of arbitrar...

EulerOS 2.0 SP13 : git (EulerOS-SA-2025-2256)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: git (UTSA-2025-984679)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984679 advisory. Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs...

RLSA-2025:8655 Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

EUVD-2023-51194

Malicious code in bioql PyPI...

ALPINE-CVE-2025-46334

Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes...

Intel Video Processing Library 代码问题漏洞

Intel Video Processing Library Intel VPL is a video processing library from Intel Corporation USA. A code issue vulnerability exists in Intel Video Processing Library versions prior to 2023.4.0 that stems from an unrestricted path search that results in elevated local privileges...

PT-2024-6793 · Microsoft · 365 Apps For Enterprise +1

Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Microsoft 365 Apps for Enterprise affected versions not specified Description: The issue is related to the use of an unreliable path search in Microsoft Office and Microsoft 365 Apps for...

CVE-2023-47039

A vulnerability was found in Perl. This security issue occurs while Perl for Windows relies on the system path environment variable to find the shell cmd.exe. When running an executable that uses the Windows Perl interpreter, Perl attempts to find and execute cmd.exe within the operating system...

CVE-2023-47039 Perl: perl for windows binary hijacking vulnerability

A vulnerability was found in Perl. This security issue occurs while Perl for Windows relies on the system path environment variable to find the shell cmd.exe. When running an executable that uses the Windows Perl interpreter, Perl attempts to find and execute cmd.exe within the operating system...

SUSE CVE-2023-47039

A vulnerability was found in Perl. This security issue occurs while Perl for Windows relies on the system path environment variable to find the shell cmd.exe. When running an executable that uses the Windows Perl interpreter, Perl attempts to find and execute cmd.exe within the operating system...

Perl Security Vulnerabilities

Perl is a general-purpose, interpreted, dynamic, cross-platform programming language from the PERL community. A security vulnerability exists in Perl, which can be exploited to execute arbitrary code when running an executable that uses the Windows Perl interpreter, due to a path search order iss...

CVE-2023-34391

Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software on Windows allows Leveraging/Manipulating Configuration File Search Paths. See Instruction Manual Appendix A Cybersecurity tag dated 20230522 for more details. This issue affects...