CWE-426

High likelihood

Untrusted Search Path

Parent: CWE-642 - External Control of Critical State Data

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

643 vulnerabilities with CWE-426
CVE-2017-2230 HIGH
Douro Kouji Kanseizutou Check Program <Ver3.1 - Privilege Escalation
CVSS 7.8
CVE-2017-2229 HIGH
Douroshisetu Kihon Data Sakusei System <= Ver1.0.2 - Untrusted Search Path
CVSS 7.8
CVE-2017-2227 HIGH
Charamin OMP <1.1.7.4 & <1.2.0.0 - Privilege Escalation
CVSS 7.8
CVE-2017-2226 HIGH
advance preparation for e-Tax <1.17.1 - Privilege Escalation
CVSS 7.8
CVE-2017-2225 CRITICAL
EbidSettingChecker.exe <1.0.0.0 - Privilege Escalation
CVSS 9.8
CVE-2017-2220 HIGH
CASL II Simulator - Privilege Escalation
CVSS 7.8
CVE-2017-2218 HIGH
QuickTime for Windows - Privilege Escalation
CVSS 7.8
CVE-2017-2215 HIGH
Installer <2017-06-12 - Privilege Escalation
CVSS 7.8
CVE-2017-2208 HIGH
Installer of Electronic Tendering and Bid Opening System < 06112017 - Untrusted Search Path
CVSS 7.8
CVE-2017-2188 HIGH
Denshinouhin Check System <9.0.001.001 - Privilege Escalation
CVSS 7.8
CVE-2017-1144 LOW
IBM WebSphere Message Broker and Integration Bus - Denial of Service via Untrusted Search Path
CVSS 2.5
CVE-2017-2219 HIGH
Simeji for Windows - Privilege Escalation
CVSS 7.8
CVE-2017-2214 HIGH
AppCheck <2.0.1.15 - Code Injection
CVSS 8.4
CVE-2017-2213 HIGH
SemiDynaEXE <1.0.2 - Privilege Escalation
CVSS 7.8
CVE-2017-2212 HIGH
TKY2JGD <1.3.79 - Privilege Escalation
CVSS 7.8
CVE-2017-2211 HIGH
PatchJGD <1.0.1 - Privilege Escalation
CVSS 7.8
CVE-2017-2209 HIGH
Houkokusyo Sakusei Shien Tool <3.0.2, >=2.0 - Privilege Escalation
CVSS 7.8
CVE-2017-2207 HIGH
SaAT Personal <1.0.10.272 - Privilege Escalation
CVSS 8.8
CVE-2017-2206 HIGH
SaAT Netizen <1.2.10.510 - Privilege Escalation
CVSS 8.8
CVE-2017-2193 HIGH
Tera Term <4.94 - Privilege Escalation
CVSS 7.8
CVE-2017-2192 HIGH
Sharp RW-5100 - Untrusted Search Path
CVSS 7.8
CVE-2017-2191 HIGH
RW-5100 <1.0.0.9,1.0.1.0 - Privilege Escalation
CVSS 7.8
CVE-2017-2190 HIGH
RW-4040 <1.2.0.0 - Privilege Escalation
CVSS 7.8
CVE-2017-2189 HIGH
RW-4040 driver installer <2.27 - Privilege Escalation
CVSS 7.8
CVE-2017-2178 HIGH
Installer <May 25, 2017 - Privilege Escalation
CVSS 8.8
Details
Vulnerabilities 643
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits