Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-426

CWE-426

High likelihood

Untrusted Search Path

Parent: CWE-642 - External Control of Critical State Data

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

639 vulnerabilities with CWE-426

CVE-2019-19929 HIGH

Malwarebytes AdwCleaner < 8.0.1 - Untrusted Search Path

CVE-2019-18996 HIGH

ABB PB610 Panel Builder <2.8.0.424 - Code Injection

CVE-2019-8801 HIGH

iTunes < 12.10.2 - Untrusted Search Path in Dynamic Library Loading

CVE-2019-14599 HIGH

Control Center-I <2.1.0.0 - Privilege Escalation

CVE-2019-4606 HIGH

IBM DB2 High Performance Unload <6.1,6.5 - RCE

CVE-2019-15628 HIGH

Trend Micro Security 2020 < 16.0.1221 - DLL Hijacking via Service Execution

CVE-2019-17446 HIGH

Eracent EPA Agent < 10.2.26 - Privilege Escalation via Untrusted Search Path

CVE-2019-6189 HIGH

Lenovo System Interface Foundation < 1.1.18.3 - Untrusted Search Path DLL Loading

CVE-2019-16861 HIGH

Code42 Server <7.0.2 - Code Injection

CVE-2019-16860 HIGH

Code42 < 7.0.2 - Untrusted Search Path DLL Loading

CVE-2019-3648 MEDIUM

McAfee Total Protection < 16.0.R22 - Privilege Escalation via Untrusted Search Path

CVE-2019-18196 MEDIUM

TeamViewer < 11.0.214397 - DLL Side Loading via Windows Service Restart

CVE-2019-17664 HIGH

Ghidra <= 9.0.4 - Untrusted Search Path via Python Interpreter Launch

CVE-2019-17449 MEDIUM

Avira Software Updater < 2.0.6.21094 - DLL Side-Loading via Untrusted Search Path

CVE-2019-3745 HIGH

Dell Encryption < 10.4.0 and Endpoint Security Suite Enterprise < 2.4.0 - DLL Hijacking via Installer Search Path

CVE-2019-14960 HIGH

JetBrains Rider < 2019.1.2 - Untrusted Search Path

CVE-2019-13357 HIGH

Total Defense Anti-virus 9.0.0.773 - Untrusted Search Path DLL Hijacking via caschelp.exe

CVE-2019-6826 HIGH

SoMachine HVAC < 2.4.1 - Untrusted Search Path DLL Loading

CVE-2019-11660 HIGH

Micro Focus Data Protector <10.50 - Privilege Escalation

CVE-2019-3646 MEDIUM

McAfee Total Protection <16.0.R18 - RCE

CVE-2019-8461 HIGH

Check Point Endpoint Security Initial Client for Windows <E81.30 - ...

CVE-2019-15295 HIGH

Bitdefender Antivirus Free 2020 < 1.0.15.138 - Untrusted Search Path in ServiceInstance.dll

CVE-2019-6165 HIGH

Lenovo Yoga 700-11ISK/14ISK Firmware - Untrusted Search Path in PaperDisplay Hotkey Service

CVE-2019-5631 HIGH

Rapid7 InsightAppSec < 2019.06.24 - DLL Injection in prunsrv.exe

CVE-2019-9492 HIGH

Trend Micro OfficeScan <11.0 SP1-XG - RCE

Previous Page 14 of 26 Next

Details

Vulnerabilities 639

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy