Total
1096 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-2769 | 1 Bdrive | 1 Netdrive | 2025-08-14 | N/A | 7.8 HIGH |
|
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage ...
Show More |
|||||
| CVE-2025-49571 | 1 Adobe | 1 Substance 3d Modeler | 2025-08-13 | N/A | 7.8 HIGH |
|
Substance3D - Modeler versions 1.22.0 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses an uncontrolled search path to locate critical resources such as programs, an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue does not require user interaction.
|
|||||
| CVE-2025-20017 | 2025-08-13 | N/A | 6.7 MEDIUM | ||
|
Uncontrolled search path for some Intel(R) oneAPI Toolkit and component software installers may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2025-21093 | 2025-08-13 | N/A | 6.7 MEDIUM | ||
|
Uncontrolled search path element for some Intel(R) Driver & Support Assistant Tool software before version 24.6.49.8 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2025-24923 | 2025-08-13 | N/A | 6.7 MEDIUM | ||
|
Uncontrolled search path in some Intel(R) AI for Enterprise Retrieval-augmented Generation software may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2025-26404 | 2025-08-13 | N/A | 6.7 MEDIUM | ||
|
Uncontrolled search path for some Intel(R) DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2025-20048 | 2025-08-13 | N/A | 6.7 MEDIUM | ||
|
Uncontrolled search path for the Intel(R) Trace Analyzer and Collector software all verions may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2025-22838 | 2025-08-13 | N/A | 6.7 MEDIUM | ||
|
Uncontrolled search path for some Intel(R) RealSense(TM) Dynamic Calibrator software before version 2.14.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2025-20627 | 2025-08-13 | N/A | 6.7 MEDIUM | ||
|
Uncontrolled search path for some Intel(R) oneAPI DPC++/C++ Compiler software before version 2025.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2025-27717 | 2025-08-13 | N/A | 6.7 MEDIUM | ||
|
Uncontrolled search path for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable escalation of privilege via local access
|
|||||
| CVE-2025-20092 | 2025-08-13 | N/A | 6.7 MEDIUM | ||
|
Uncontrolled search path for some Clock Jitter Tool software before version 6.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2024-25050 | 1 Ibm | 2 I, Rational Developer For I | 2025-08-13 | N/A | 8.4 HIGH |
|
IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2, 7.3, 7.4, 7.5 networking and compiler infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privileges. IBM X-Force ID: 283242.
|
|||||
| CVE-2023-27362 | 1 3cx | 1 3cx | 2025-08-13 | N/A | 7.8 HIGH |
|
3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 3CX. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate p ...
Show More |
|||||
| CVE-2025-30033 | 2025-08-12 | N/A | 7.8 HIGH | ||
|
The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.
|
|||||
| CVE-2023-44437 | 1 Ashlar | 1 Cobalt | 2025-08-08 | N/A | 7.8 HIGH |
|
Ashlar-Vellum Cobalt Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of various file types. The process loads a library from an unsecured location. An attacker can leverage this vul ...
Show More |
|||||
| CVE-2025-5981 | 1 Google | 1 Osv-scalibr | 2025-08-07 | N/A | 6.5 MEDIUM |
|
Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack() function for container images. Particularly, when using the CLI flag --remote-image on untrusted container images.
|
|||||
| CVE-2025-1223 | 2 Apple, Citrix | 2 Macos, Secure Access Client | 2025-08-06 | N/A | 6.1 MEDIUM |
|
An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac
|
|||||
| CVE-2025-53395 | 2025-08-05 | N/A | 7.7 HIGH | ||
|
Paramount Macrium Reflect through 2025-06-26 allows local attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx backup file and a malicious VSSSvr.dll located in the same directory. When a user with administrative privileges mounts a backup by opening the .mrimgx file, Reflect loads the attacker's VSSSvr.dll after the mount completes. This occurs because of untrusted DLL search path behavior in ReflectMonitor.exe.
|
|||||
| CVE-2025-53394 | 2025-08-05 | N/A | 7.7 HIGH | ||
|
Paramount Macrium Reflect through 2025-06-26 allows attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx or .mrbax backup file and a renamed executable placed in the same directory. When a user with administrative privileges opens the crafted backup file and proceeds to mount it, Reflect launches the renamed executable (e.g., explorer.exe), which is under attacker control. This occurs because of insufficient validation of companion files referenced during backu ...
Show More |
|||||
| CVE-2024-39820 | 1 Zoom | 1 Workplace Desktop | 2025-08-05 | N/A | 6.6 MEDIUM |
|
Uncontrolled search path element in the installer for Zoom Workplace Desktop App for macOS before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access.
|
|||||
| CVE-2025-0712 | 2025-07-31 | N/A | 7.0 HIGH | ||
|
An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.
|
|||||
| CVE-2025-25011 | 2025-07-31 | N/A | 7.0 HIGH | ||
|
An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.
|
|||||
| CVE-2022-28339 | 2 Microsoft, Trendmicro | 2 Windows, Housecall For Home Networks | 2025-07-29 | N/A | 7.3 HIGH |
|
Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search patch element vulnerability that could allow an attacker with low user privileges to create a malicious DLL that could lead to escalated privileges.
|
|||||
| CVE-2024-13976 | 2025-07-29 | N/A | N/A | ||
|
A DLL injection vulnerability exists in Commvault for Windows 11.20.0, 11.28.0, 11.32.0, 11.34.0, and 11.36.0. During the installation of maintenance updates, an attacker with local access may exploit uncontrolled search path or DLL loading behavior to execute arbitrary code with elevated privileges. The vulnerability has been resolved in versions 11.20.202, 11.28.124, 11.32.65, 11.34.37, and 11.36.15.
|
|||||
| CVE-2025-7676 | 2025-07-29 | N/A | N/A | ||
|
DLL hijacking of all PE32 executables when run on Windows for ARM64 CPU architecture. This allows an attacker to execute code, if the attacker can plant a DLL in the same directory as the executable. Vulnerable versions of Windows 11 for ARM attempt to load Base DLLs that would ordinarily not be loaded from the application directory. Fixed in release 24H2, but present in all earlier versions of Windows 11 for ARM CPUs.
|
|||||
| CVE-2024-10389 | 1 Google | 1 Safearchive | 2025-07-23 | N/A | 7.5 HIGH |
|
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems (e.g., NTFS). This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc
|
|||||
| CVE-2024-20338 | 2 Cisco, Linux | 2 Secure Client, Linux Kernel | 2025-07-22 | N/A | 7.3 HIGH |
|
A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device.
This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerability by copying a malicious library file to a specific directory in the filesystem and persuading an administrator to restart a specific process. A successful exploit could allow the attacker to execut ...
Show More |
|||||
| CVE-2025-1700 | 2025-07-17 | N/A | 7.0 HIGH | ||
|
A DLL hijacking vulnerability was reported in the Motorola Software Fix (Rescue and Smart Assistant) installer that could allow a local attacker to escalate privileges during installation of the software.
|
|||||
| CVE-2025-7472 | 2025-07-17 | N/A | 7.5 HIGH | ||
|
A local privilege escalation vulnerability in the Intercept X for Windows installer prior version 1.22 can lead to a local user gaining system level privileges, if the installer is run as SYSTEM.
|
|||||
| CVE-2025-1729 | 2025-07-17 | N/A | 6.7 MEDIUM | ||
|
A DLL hijacking vulnerability was reported in TrackPoint Quick Menu software that, under certain conditions, could allow a local attacker to escalate privileges.
|
|||||
| CVE-2025-34109 | 2025-07-15 | N/A | N/A | ||
|
PSEvents.exe in multiple Panda Security products runs hourly with SYSTEM privileges and loads DLL files from a user-writable directory without proper validation. An attacker with low-privileged access who can write DLL files to the monitored directory can achieve arbitrary code execution with SYSTEM privileges. Affected products include Panda Global Protection 2016, Panda Antivirus Pro 2016, Panda Small Business Protection, and Panda Internet Security 2016 (all versions up to 16.1.2).
|
|||||
| CVE-2025-48496 | 2025-07-15 | N/A | 5.1 MEDIUM | ||
|
Emerson ValveLink products
use a fixed or controlled search path to find resources, but one or
more locations in that path can be under the control of unintended
actors.
|
|||||
| CVE-2025-29802 | 1 Microsoft | 1 Visual Studio 2022 | 2025-07-10 | N/A | 7.3 HIGH |
|
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
|
|||||
| CVE-2025-29803 | 1 Microsoft | 5 Sql Server Management Studio, Visual Studio Tools For Applications 2019, Visual Studio Tools For Applications 2019 Sdk and 2 more | 2025-07-10 | N/A | 7.3 HIGH |
|
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally.
|
|||||
| CVE-2025-4981 | 1 Mattermost | 1 Mattermost Server | 2025-07-08 | N/A | 9.9 CRITICAL |
|
Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to sanitize filenames in the archive extractor which allows authenticated users to write files to arbitrary locations on the filesystem via uploading archives with path traversal sequences in filenames, potentially leading to remote code execution. The vulnerability impacts instances where file uploads and document search by content is enabled (FileSettings.EnableFileAttachments = t ...
Show More |
|||||
| CVE-2025-4539 | 1 Todesk | 1 Todesk | 2025-07-08 | 6.0 MEDIUM | 7.0 HIGH |
|
A vulnerability was found in Hainan ToDesk 4.7.6.3. It has been declared as critical. This vulnerability affects unknown code in the library profapi.dll of the component DLL File Parser. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but d ...
Show More |
|||||
| CVE-2025-29817 | 1 Microsoft | 1 Power Automate For Desktop | 2025-07-08 | N/A | 5.7 MEDIUM |
|
Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network.
|
|||||
| CVE-2025-36004 | 1 Ibm | 1 I | 2025-07-03 | N/A | 8.8 HIGH |
|
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user to gain elevated privileges due to an unqualified library call in IBM Facsimile Support for i. A malicious actor could cause user-controlled code to run with administrator privilege.
|
|||||
| CVE-2025-33122 | 1 Ibm | 1 I | 2025-07-03 | N/A | 7.5 HIGH |
|
IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 could allow a user to gain elevated privileges due to an unqualified library call in IBM Advanced Job Scheduler for i. A malicious actor could cause user-controlled code to run with administrator privilege.
|
|||||
| CVE-2024-55898 | 1 Ibm | 1 I | 2025-07-03 | N/A | 8.5 HIGH |
|
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user with the capability to compile or restore a program to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege.
|
|||||