Export limit exceeded: 362815 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (1182 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-22376 1 Intel 1 Ethernet Adapter Complete Driver Pack 2026-04-15 6.7 Medium
Uncontrolled search path element in some installation software for Intel(R) Ethernet Adapter Driver Pack before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-42405 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) Quartus(R) Prime Software before version 23.1.1 Patch 1.01std may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-32938 1 Intel 1 Mpi Library 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) MPI Library for Windows software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-9494 2026-04-15 8.6 High
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the  CP210 VCP Win 2k installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.
CVE-2025-26860 1 Rsupport 1 Remotecall 2026-04-15 N/A
RemoteCall Remote Support Program (for Operator) versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution.
CVE-2024-9492 2026-04-15 8.6 High
DLL hijacking vulnerabilities, caused by an uncontrolled search path in Flash Programming Utility installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.
CVE-2024-9496 2026-04-15 8.6 High
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress Dev Kit installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.
CVE-2024-9498 2026-04-15 8.6 High
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress SDK installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.
CVE-2024-21843 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) Computing Improvement Program software before version 2.4.0.10654 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-57781 1 Denso Ten 1 Drive Recorder Viewer 2026-04-15 N/A
The installers of DENSO TEN drive recorder viewer contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.
CVE-2025-43950 2026-04-15 7.8 High
DPMAdirektPro 4.1.5 is vulnerable to DLL Hijacking. It happens by placing a malicious DLL in a directory (in the absence of a legitimate DLL), which is then loaded by the application instead of the legitimate DLL. This causes the malicious DLL to load with the same privileges as the application, thus causing a privilege escalation.
CVE-2025-11772 1 Synaptics 1 Fingerprint Driver 2026-04-15 6.6 Medium
A carefully crafted DLL, copied to C:\ProgramData\Synaptics folder, allows a local user to execute arbitrary code with elevated privileges during driver installation.
CVE-2023-51710 1 Oracle 1 Ens Sql Manager 2026-04-15 4.2 Medium
EMS SQL Manager 3.6.2 (build 55333) for Oracle allows DLL hijacking: a user can trigger the execution of arbitrary code every time the product is executed.
CVE-2025-13152 1 Lenovo 1 One Client 2026-04-15 7.8 High
A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges.
CVE-2025-2272 2026-04-15 7 High
Uncontrolled Search Path Element vulnerability in Forcepoint FIE Endpoint allows Privilege Escalation, Code Injection, Hijacking a privileged process.This issue affects FIE Endpoint: before 25.05.
CVE-2025-61161 1 Evope 1 Collector 2026-04-15 8.4 High
DLL hijacking vulnerability in Evope Collector 1.1.6.9.0 and related components load the wtsapi32.dll library from an uncontrolled search path (C:\ProgramData\Evope). This allows local unprivileged attackers to execute arbitrary code or escalate privileges to SYSTEM by placing a crafted DLL in that location. The vulnerable component is Evope.Service.exe, which runs with SYSTEM privileges and automatically loads the DLL on startup or reboot.
CVE-2024-22379 2026-04-15 6.7 Medium
Uncontrolled search path in some Intel(R) Inspector software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-20065 2 Intel, Microsoft 2 Display Virtualization, Windows 2026-04-15 6.7 Medium
Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2024-9495 2026-04-15 8.6 High
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the CP210x VCP Windows installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.
CVE-2025-26404 1 Intel 1 Dsa Software 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalation of privilege via local access.