Export limit exceeded: 362578 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (1182 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-28881 1 Intel 1 Fortran Compiler 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) Fortran Compiler Classic software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-20108 2026-04-15 6.7 Medium
Uncontrolled search path element for some Intel(R) Network Adapter Driver installers for Windows 11 before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-31361 2026-04-15 7.3 High
A DLL hijacking vulnerability in AMD Integrated Management Technology (AIM-T) Manageability Service could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
CVE-2025-20106 1 Intel 1 Vtune Profiler Software And Intel Oneapi Base Toolkits 2026-04-15 6.7 Medium
Uncontrolled search path in some software installer for some VTune(TM) Profiler software and Intel(R) oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2025-26860 1 Rsupport 1 Remotecall 2026-04-15 N/A
RemoteCall Remote Support Program (for Operator) versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution.
CVE-2024-34164 1 Intel 1 Mas Software 2026-04-15 6.7 Medium
Uncontrolled search path element in some Intel(R) MAS software before version 2.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-57426 2026-04-15 7.3 High
NetMod VPN Client 5.3.1 is vulnerable to DLL injection, allowing an attacker to execute arbitrary code by placing a malicious DLL in a directory where the application loads dependencies. This vulnerability arises due to the improper validation of dynamically loaded libraries.
CVE-2024-48091 2026-04-15 7.8 High
Tally Prime Edit Log v2.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL.
CVE-2024-36280 1 Intel 1 High Level Synthesis Compiler 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) High Level Synthesis Compiler software before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-5469 2 Apple, Yandex 2 Macos, Messenger 2026-04-15 N/A
Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245
CVE-2024-0980 2026-04-15 7.1 High
The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code.
CVE-2024-31073 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) oneAPI Level Zero software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-28953 1 Intel 1 Emon Software 2026-04-15 6.7 Medium
Uncontrolled search path in some EMON software before version 11.44 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-21830 2026-04-15 6.7 Medium
Uncontrolled search path in some Intel(R) VPL software before version 2023.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-33580 1 Lenovo 1 Personal Cloud 2026-04-15 7.8 High
A DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges.
CVE-2024-36291 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) Chipset Software Installation Utility before version 10.1.19867.8574 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-62776 2 Microsoft, Wireless Tsukamoto 2 Windows, Wtw Eagle 2026-04-15 N/A
The installer of WTW EAGLE (for Windows) 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application.
CVE-2024-28131 2026-04-15 7.8 High
EasyRange Ver 1.41 contains an issue with the executable file search path when displaying an extracted file on Explorer, which may lead to loading an executable file resides in the same folder where the extracted file is placed. If this vulnerability is exploited, arbitrary code may be executed with the privilege of the running program. Note that the developer was unreachable, therefore, users should consider stop using EasyRange Ver 1.41.
CVE-2024-39813 2026-04-15 6.7 Medium
Uncontrolled search path for some EPCT software before version 1.42.8.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-40827 1 Siemens 2 Software Center, Solid Edge Se2025 2026-04-15 7.8 High
A vulnerability has been identified in Siemens Software Center (All versions < V3.5), Solid Edge SE2025 (All versions < V225.0 Update 10). The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system.