Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-426

CWE-426

High likelihood

Untrusted Search Path

Parent: CWE-642 - External Control of Critical State Data

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

639 vulnerabilities with CWE-426

CVE-2023-1521 HIGH

sccache < 0.4.0 - LD_PRELOAD Local Privilege Escalation

CVE-2023-32266 MEDIUM

OpenText ALM,QC <16.0 - Code Injection

CVE-2023-48670 HIGH

Dell SupportAssist <3.14.1 - Privilege Escalation

CVE-2023-43586 HIGH

Zoom Desktop Client for Windows - Privilege Escalation

CVE-2023-36003 MEDIUM

XAML Diagnostics - Privilege Escalation

CVE-2023-26031 HIGH

Apache Hadoop <3.3.4 - Privilege Escalation

CVE-2023-39202 LOW

Zoom Rooms Client for Windows & Zoom VDI Client - DoS

CVE-2023-41840 HIGH

FortiClientWindows 7.0.9 - DLL Hijack via OpenSSL Engine Library Search Path

CVE-2023-36422 HIGH

Microsoft Windows Defender - Privilege Escalation

CVE-2023-36393 HIGH

Microsoft Windows UI App Core - Remote Code Execution

CVE-2023-41766 HIGH

Windows CSRSS - Untrusted Search Path Elevation of Privilege

CVE-2023-36780 HIGH

Skype for Business Server - Remote Code Execution via Untrusted Search Path

CVE-2023-36778 HIGH

Microsoft Exchange Server - Remote Code Execution via Untrusted Search Path

CVE-2023-39201 HIGH

CleanZoom <07/24/2023 - Privilege Escalation

CVE-2023-4736 HIGH

vim < 9.0.1833 - Untrusted Search Path

CVE-2023-40590 HIGH

GitPython < 3.1.32 - Untrusted Search Path via Git Executable Resolution

CVE-2023-41105 HIGH

Python 3.11.0-3.11.4 - Untrusted Search Path via os.path.normpath()

CVE-2023-29299 MEDIUM

Adobe Acrobat Reader <23.003.20244 & <20.005.30467 - DoS

CVE-2023-39212 HIGH

Zoom Rooms for Windows <5.15.5 - DoS

CVE-2023-36898 HIGH

Microsoft Tablet Windows UI App Core - Remote Code Execution

CVE-2023-36540 HIGH

Zoom Desktop Client for Windows <5.14.5 - Privilege Escalation

CVE-2023-36538 HIGH

Zoom Rooms for Windows <5.15.0 - Privilege Escalation

CVE-2023-36536 HIGH

Zoom Rooms for Windows <5.15.0 - Privilege Escalation

CVE-2023-35343 HIGH

Windows Geolocation Service - Remote Code Execution

CVE-2023-34119 HIGH

Zoom Rooms for Windows <5.15.0 - Privilege Escalation

Previous Page 8 of 26 Next

Details

Vulnerabilities 639

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy