CVE-2019-4606

HIGH Year: 2019
CVSS v3 Score
7.4
High
CVSS v2 Score
6.9
Medium
Weakness Type
CWE-426
View all →

Vulnerability Description

IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 could allow a local attacker to execute arbitrary code on the system, caused by an untrusted search path vulnerability. By using a executable file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 168298.

Related Vulnerabilities

CVE-2019-9798

HIGH
CVSS:7.4(High)

On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle at...

CWE-4262019

CVE-2025-21399

HIGH
CVSS:7.4(High)

Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability

CWE-4262025

CVE-2016-10837

HIGH
CVSS:7.5(High)

cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).

CWE-4262016

CVE-2018-10959

HIGH
CVSS:7.5(High)

Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's ...

CWE-4262018

CVE-2018-6661

HIGH
CVSS:7.5(High)

DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature.

CWE-4262018

CVE-2018-6700

HIGH
CVSS:7.5(High)

DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware.

CWE-4262018