Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-426

CWE-426

High likelihood

Untrusted Search Path

Parent: CWE-642 - External Control of Critical State Data

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

643 vulnerabilities with CWE-426

CVE-2018-7239 HIGH

Schneider Electric SoMove and DTM Software < 2.6.2 - DLL Hijacking

CVE-2018-0544 HIGH

WinShot < 1.53a - Untrusted Search Path via Trojan Horse DLL

CVE-2018-0543 HIGH

Jtrim < 1.53c - Untrusted Search Path via Trojan Horse DLL

CVE-2018-7484 HIGH

PureVPN through 5.19.4.0 - Untrusted Search Path via DLL Hijacking

CVE-2018-6218 HIGH

Trend Micro Deep Security - DLL Hijacking via User-Mode Hooking Module

CVE-2018-0516 HIGH

FLET'S Address Selection Tool - Untrusted Search Path

CVE-2018-0515 HIGH

FLET'S Azukeru Backup Tool <= 1.5.2.6 - Untrusted Search Path

CVE-2018-0517 HIGH

KDDI Anshin net security < 6.0.1.44 - Untrusted Search Path Privilege Escalation via Trojan Horse DLL

CVE-2018-6461 HIGH

March Hare WINCVS < 2.8.01 - Untrusted Search Path via Python or TCL DLL Loading

CVE-2018-6318 HIGH

Sophos Tester Tool 3.2.0.7 Beta - Untrusted Search Path via DLL Hijacking

CVE-2018-6475 HIGH

SUPERAntiSpyware Professional Trial 6.0.1254 - DLL Hijacking

CVE-2018-0507 HIGH

FLET'S VIRUS CLEAR Easy Setup & Application Tool <= ver.11 - Untrusted Search Path

CVE-2017-20123 HIGH

Viscosity <1.6.8 - Untrusted Search Path

CVE-2017-12580 HIGH

UltraEdit < 24.10.0.32 - Untrusted Search Path DLL Preloading

CVE-2017-7755 HIGH

Firefox < 54 and Firefox ESR < 52.2 - Untrusted Search Path DLL Loading

CVE-2017-2802 HIGH

Dell Precision Optimizer 3.5.5.0 - DLL Hijacking via PATH Environment Variable

CVE-2017-1711 HIGH

IBM Notes 8.5 and 9.0 - Untrusted Search Path via DLL Masquerading in Temp Directory

CVE-2017-7327 HIGH

Yandex Browser <17.4.1 - DLL Hijacking

CVE-2017-5696 HIGH

Intel Graphics Driver 15.40.x.x 15.45.x.x and 21.20.x.x - Privilege Escalation via Untrusted Search Path

CVE-2017-15913 HIGH

Whale - DLL Hijacking via Untrusted Search Path

CVE-2017-17010 HIGH

Content Manager Assistant <3.55.7671.0901 - Privilege Escalation

CVE-2017-10909 HIGH

Music Center for PC <= 1.0.01 - Untrusted Search Path

CVE-2017-17809 HIGH

Golden Frog VyprVPN < 2.15.0.5828 - Untrusted Search Path via XPC Service

CVE-2017-16997 HIGH

GNU C Library 2.19-2.26 - Privilege Escalation

CVE-2017-11397 HIGH

Trend Micro Encryption for Email < 5.6.0.1073 - Unauthenticated Remote Code Execution via Service DLL Preloading

Previous Page 19 of 26 Next

Details

Vulnerabilities 643

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy