Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-426

CWE-426

High likelihood

Untrusted Search Path

Parent: CWE-642 - External Control of Critical State Data

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

643 vulnerabilities with CWE-426

CVE-2017-16690 HIGH

SAP Plant Connectivity 2.3,15.0 - DLL Preload

CVE-2017-13070 HIGH

QNAP Qsync for Windows < 4.2.2.0724 - DLL Hijacking

CVE-2017-10893 HIGH

The Public Certification Service for Individuals < 3.1 - Untrusted Search Path

CVE-2017-17069 HIGH

Amazon Audible <Nov 2017 - Code Injection

CVE-2017-10892 HIGH

Music Center for PC 1.0.00 - Untrusted Search Path

CVE-2017-10891 HIGH

Media Go < 3.2.0.191 - Untrusted Search Path

CVE-2017-8137 HIGH

HedEx Lite < V200R006C00 - DLL Hijacking via Relative Path

CVE-2017-4939 HIGH

VMware Workstation 12.x < 12.5.8 - DLL Hijacking via Improper DLL Loading

CVE-2017-10887 HIGH

BOOK WALKER for Windows <= 1.2.9 - Untrusted Search Path

CVE-2017-12313 MEDIUM

Cisco Network Academy Packet Tracer - Code Injection

CVE-2017-12312 MEDIUM

Cisco Advanced Malware Protection for Endpoints - Authenticated DLL Hijacking via Untrusted Search Path

CVE-2017-10885 HIGH

HYPER SBI <= 2.2 - Untrusted Search Path

CVE-2017-10825 HIGH

Flets Easy Setup Tool <= 1.2.0 - Untrusted Search Path

CVE-2017-15566 HIGH

SchedMD Slurm Privilege Escalation via SPANK Environment Variable Handling

CVE-2017-5996 HIGH

BeyondTrust Remote Support 15.2.x-15.2.2 16.1.x-16.1.4 16.2.x-16.2.3 - DLL Hijacking via Weak ProgramData Permissions

CVE-2017-10865 HIGH

HIBUN Confidential File Decryption < 10.50.0.5 - Untrusted Search Path

CVE-2017-10864 HIGH

Hitachi Solutions HIBUN Confidential File Viewer Installer < 11.20.0001 - Untrusted Search Path

CVE-2017-10863 HIGH

HIBUN Confidential File Decryption < 10.50.0.5 - Untrusted Search Path

CVE-2017-12252 HIGH

Cisco FindIT Network Discovery Utility - DLL Preloading

CVE-2017-10860 HIGH

Digital Arts i-filter 6.0 installer - Untrusted Search Path

CVE-2017-10859 HIGH

Digital Arts i-filter 6.0 installer - Untrusted Search Path

CVE-2017-10858 HIGH

Digital Arts i-filter 6.0 install program < file version 1.0.8.1 - Untrusted Search Path

CVE-2017-10855 HIGH

FENCE-Explorer for Windows <= V8.4.1 - Untrusted Search Path

CVE-2017-10851 HIGH

Fuji Xerox ContentsBridge Utility < 7.4.0 - Untrusted Search Path

CVE-2017-10850 HIGH

Fujifilm ApeosPort-VI and DocuCentre-VI Installers - Untrusted Search Path

Previous Page 20 of 26 Next

Details

Vulnerabilities 643

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy