The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
1,172 vulnerabilities with CWE-427
CVE-2021-31853
HIGH
McAfee Drive Encryption < 7.3.0 HF2 - DLL Search Order Hijacking
CVSS 7.8
CVE-2021-38420
HIGH
Delta Electronics DIALink <1.2.4.0 - Privilege Escalation
CVSS 7.8
CVE-2021-38416
HIGH
Delta Electronics DIALink <1.2.4.0 - Code Injection
CVSS 7.8
CVE-2021-22037
HIGH
VMware InstallBuilder < 21.6.0 - Path Interception by Search Order Hijacking via reg.exe Command
CVSS 7.8
CVE-2021-30359
HIGH
Harmony Browse & SandBlast Agent <90.08.7405 - Privilege Escalation
CVSS 7.8
CVE-2021-38469
CRITICAL
Auvesy versiondog <= 8.0.0 - DLL Hijacking
CVSS 9.1
CVE-2021-42103
HIGH
Trend Micro Apex One - Uncontrolled Search Path Element
CVSS 7.8
CVE-2021-42102
HIGH
Trend Micro Apex One - Uncontrolled Search Path Element
CVSS 7.8
CVE-2021-42101
HIGH
Trend Micro Apex One - Uncontrolled Search Path Element
CVSS 7.8
CVE-2021-35982
HIGH
Acrobat Reader DC <2021.005.20060 - RCE
CVSS 7.3
CVE-2021-32466
HIGH
Trend Micro HouseCall for Home Networks <= 5.3.1225 - Privilege Escalation via Uncontrolled Search Path Element
CVSS 7.0
CVE-2021-40981
HIGH
ASUS ROG Armoury Crate Lite <4.2.10 - Privilege Escalation
CVSS 7.3
CVE-2021-28130
HIGH
Dr.Web Firewall <12.5.2.4160 - Privilege Escalation
CVSS 7.8
CVE-2021-26750
HIGH
Panda Adaptive Defense 360 <= 8.0.17 and Panda Devices Agent <= 1.16.11 - DLL Hijacking
CVSS 7.8
CVE-2021-31847
HIGH
McAfee Agent < 5.7.4 - DLL Preloading Privilege Escalation via Unprotected Repair Directory
CVSS 8.2
CVE-2021-36216
HIGH
LINE for Windows < 6.2.1.2289 - Unauthenticated Arbitrary Code Execution via DLL Injection
CVSS 7.8
CVE-2021-28581
HIGH
Adobe Creative Cloud < 5.3 - Uncontrolled Search Path Element
CVSS 7.3
CVE-2021-22775
HIGH
GP-Pro EX <V4.09.250 - Code Injection
CVSS 7.8
CVE-2021-20793
HIGH
Sony Audio USB Driver <V1.10 - Privilege Escalation
CVSS 7.8
CVE-2021-28594
HIGH
Adobe Creative Cloud < 2.5 - Unauthenticated Arbitrary Code Execution via Uncontrolled Search Path
CVSS 7.8
CVE-2021-28636
HIGH
Adobe Acrobat and Reader DC - Uncontrolled Search Path Element
CVSS 7.3
CVE-2021-28595
HIGH
Adobe Dimension < 3.4 - Unauthenticated Arbitrary Code Execution via Uncontrolled Search Path Element
CVSS 7.8
CVE-2021-37617
HIGH
Nextcloud Desktop 3.0.3-3.2.4 - Uncontrolled Search Path Element via Uninstall.exe
CVSS 7.3
CVE-2021-3633
HIGH
Lenovo Driver Management < 2.9.0719.1104 - DLL Preloading Privilege Escalation
CVSS 7.3
CVE-2021-38086
HIGH
Acronis Cyber Protect <15 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities
1,172