Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-426

CWE-426

High likelihood

Untrusted Search Path

Parent: CWE-642 - External Control of Critical State Data

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

626 vulnerabilities with CWE-426

CVE-2024-43616 HIGH

Microsoft 365 Apps - Untrusted Search Path

CVE-2024-43576 HIGH

Microsoft 365 Apps - Untrusted Search Path

CVE-2024-8733 HIGH

HP One Agent - Privilege Escalation

CVE-2024-9325 HIGH

Intelbras InControl <2.21.56 - Unquoted Search Path

CVE-2024-6769 MEDIUM

Microsoft Windows <2022 - Privilege Escalation

CVE-2024-44103 HIGH

Ivanti Workspace Control < 10.18.99.0 - Untrusted Search Path

CVE-2024-45281 MEDIUM

SAP BusinessObjects - Privilege Escalation

CVE-2024-6473 HIGH

Yandex Browser <24.7.1.380 - DLL Hijacking

CVE-2024-5623 HIGH

B&R APROL <= R 4.4-00P3 - Privilege Escalation

CVE-2024-5622 HIGH

B&R APROL <4.2.07P3, <4.4-00P3 - Privilege Escalation

CVE-2024-38305 HIGH

Dell SupportAssist <4.0.3 - Privilege Escalation

CVE-2024-7886 HIGH

Scooter Software Beyond Compare <3.3.5.15075 - Path Traversal

CVE-2024-42439 MEDIUM

Zoom Workplace Desktop App <6.1.0 - Privilege Escalation

CVE-2024-41865 HIGH

Adobe Dimension < 3.4.11 - Untrusted Search Path

CVE-2024-6975 HIGH

Catonetworks Cato Client < 5.10.34 - Untrusted Search Path

CVE-2024-6974 HIGH

Catonetworks Cato Client < 5.10.34 - Incorrect Default Permissions

CVE-2024-34123 HIGH

Premiere Pro <24.4.1 - RCE

CVE-2024-35260 HIGH

Microsoft Power Platform - Untrusted Search Path

CVE-2024-36071 MEDIUM

Samsung Magician 8.0.0 - Privilege Escalation

CVE-2024-6080 HIGH

Intelbras InControl <2.21.56 - Unquoted Search Path

CVE-2024-38462 CRITICAL

iRODS <4.3.2 - Buffer Overflow

CVE-2024-30100 HIGH

Microsoft SharePoint Server - RCE

CVE-2024-28060 HIGH

Apiris Kafeo <6.4.4 - Code Injection

CVE-2024-28133 HIGH

Phoenixcontact Charx Sec-3000 Firmware < 1.5.1 - Untrusted Search Path

CVE-2024-32019 HIGH

Netdata Agent - RCE

Previous Page 6 of 26 Next

Details

Vulnerabilities 626

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy