Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
element software vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-27638
Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Advanced Link Analyzer
7.8
CVSSv3
CVE-2022-27187
Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Quartus Prime
7.8
CVSSv3
CVE-2022-30548
Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Glorp 1.0.0
7.8
CVSSv3
CVE-2022-43310
An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569 allows malicious users to escalate privileges when searching for DLL libraries without specifying an absolute path.
Foxitsoftware Foxit Reader
7.8
CVSSv3
CVE-2022-25999
Uncontrolled search path element in the Intel(R) Enpirion(R) Digital Power Configurator GUI software, all versions may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Enpirion Digital Power Configurator Gui
7.8
CVSSv3
CVE-2021-38410
AVEVA Software Platform Common Services (PCS) Portal versions 4.5.2, 4.5.1, 4.5.0, and 4.4.6 are vulnerable to DLL hijacking through an uncontrolled search path element, which may allow an attacker control to one or more locations in the search path.
Aveva System Platform 2020
Aveva Platform Common Services 4.5.2
Aveva Platform Common Services 4.5.1
Aveva Platform Common Services 4.5.0
Aveva Platform Common Services 4.4.6
Aveva Batch Management 2020
Aveva Enterprise Data Management 2020
Aveva Manufacturing Execution System 2020
Aveva Mobile Operator 2020
Aveva Work Tasks 2020
7.8
CVSSv3
CVE-2022-24735
Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis...
Redis Redis 7.0
Redis Redis
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Management Services For Element Software -
Netapp Management Services For Netapp Hci -
Oracle Communications Operations Monitor 4.3
Oracle Communications Operations Monitor 4.4
Oracle Communications Operations Monitor 5.0
7.8
CVSSv3
CVE-2021-22775
A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software.
Schneider-electric Gp-pro Ex
7.8
CVSSv3
CVE-2021-0104
Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, prior to 17.9.0.34, 18.0.0.640 and 18.1.0.24, may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Rapid Storage Technology
7.8
CVSSv3
CVE-2021-22118
In Spring Framework, versions 5.2.x before 5.2.15 and versions 5.3.x before 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been upload...
Vmware Spring Framework
Oracle Retail Order Broker 16.0
Oracle Retail Predictive Application Server 15.0.3
Oracle Enterprise Data Quality 12.2.1.3.0
Oracle Retail Assortment Planning 16.0
Oracle Retail Financial Integration 16.0.3
Oracle Communications Network Integrity 7.3.6
Oracle Retail Integration Bus 16.0.3
Oracle Insurance Rules Palette 11.0.2
Oracle Insurance Rules Palette 11.1.0
Oracle Commerce Guided Search 11.3.2
Oracle Communications Element Manager
Oracle Communications Interactive Session Recorder 6.4
Oracle Communications Unified Inventory Management 7.4.1
Oracle Documaker
Oracle Enterprise Data Quality 12.2.1.4.0
Oracle Healthcare Data Repository 8.1.0
Oracle Insurance Policy Administration
Oracle Mysql Enterprise Monitor
Oracle Retail Customer Management And Segmentation Foundation
Oracle Communications Brm - Elastic Charging Engine 12.0.0.3
Oracle Communications Session Report Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »