Filtered by CWE-427
Filtered by vendor Subscriptions
Total 812 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-7886 1 Scootersoftware 1 Beyond Compare 2024-08-19 7.8 High
A vulnerability has been found in Scooter Software Beyond Compare up to 3.3.5.15075 and classified as critical. Affected by this vulnerability is an unknown functionality in the library 7zxa.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The real existence of this vulnerability is still doubted at the moment. NOTE: The vendor explains that a system must be breached before exploiting this issue.
CVE-2024-21784 1 Intel 1 Ipp Cryptography 2024-08-19 6.7 Medium
Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-21769 1 Intel 1 Ethernet Complete Driver Pack 2024-08-16 6.7 Medium
Uncontrolled search path in some Intel(R) Ethernet Connection I219-LM install software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-7326 2 Iobit, Itopvpn 2 Dualsafe Password Manager, Dualsafe Password Manager 2024-08-15 7.8 High
A vulnerability classified as critical has been found in IObit DualSafe Password Manager 1.4.0.3. This affects an unknown part in the library RTL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The identifier VDB-273249 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-21766 1 Intel 1 Oneapi Math Kernel Library 2024-08-14 6.7 Medium
Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-21857 1 Intel 1 Oneapi Compiler Software 2024-08-14 6.7 Medium
Uncontrolled search path for some Intel(R) oneAPI Compiler software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-28953 1 Intel 1 Emon Software 2024-08-14 6.7 Medium
Uncontrolled search path in some EMON software before version 11.44 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-22376 1 Intel 1 Ethernet Adapter Complete Driver Pack 2024-08-14 6.7 Medium
Uncontrolled search path element in some installation software for Intel(R) Ethernet Adapter Driver Pack before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-22184 1 Intel 1 Quartus Prime Pro 2024-08-14 6.7 Medium
Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-37142 1 Dell 1 Peripheral Manager 2024-08-09 7.3 High
Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege
CVE-2024-32857 1 Dell 1 Peripheral Manager 2024-08-09 7.3 High
Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege
CVE-2024-7324 1 Iobit 1 Itop Data Recovery Pro 2024-08-01 7.8 High
A vulnerability was found in IObit iTop Data Recovery Pro 4.4.0.687. It has been declared as critical. Affected by this vulnerability is an unknown functionality in the library madbasic_.bpl of the component BPL Handler. The manipulation leads to uncontrolled search path. Local access is required to approach this attack. The associated identifier of this vulnerability is VDB-273247. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.