Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-426

CWE-426

High likelihood

Untrusted Search Path

Parent: CWE-642 - External Control of Critical State Data

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

626 vulnerabilities with CWE-426

CVE-2023-27763 HIGH

Wondershare Mobiletrans - Untrusted Search Path

CVE-2023-27762 HIGH

Wondershare Democreator - Untrusted Search Path

CVE-2023-27761 HIGH

Wondershare Uniconverter - Untrusted Search Path

CVE-2023-27760 HIGH

Wondershare Filmora - Untrusted Search Path

CVE-2023-27759 HIGH

Wondershare Edrawmind - Untrusted Search Path

CVE-2023-26358 HIGH

Creative Cloud <5.9.1 - RCE

CVE-2023-26038 MEDIUM

ZoneMinder <1.36.33-1.37.33 - Local File Inclusion

CVE-2023-26036 HIGH

ZoneMinder <1.36.33-1.37.33 - Local File Inclusion

CVE-2023-23920 MEDIUM

Node.js <19.6.1-<14.21.3 - Privilege Escalation

CVE-2023-22368 HIGH

ELECOM Camera Assistant <1.00-QuickFileDealer <1.2.1 - Privilege Es...

CVE-2023-23618 HIGH

Git For Windows < 2.39.2 - Untrusted Search Path

CVE-2023-22743 HIGH

Git For Windows < 2.39.2 - Untrusted Search Path

CVE-2023-21764 HIGH

Microsoft Exchange Server - Privilege Escalation

CVE-2023-21763 HIGH

Microsoft Exchange Server - Privilege Escalation

CVE-2022-4987 HIGH

Hirschmann Industrial HiVision External Application Path Hijacking Leading to Arbitrary Code Execution

CVE-2022-43456 MEDIUM

Intel(R) RST <16.8.5.1014.5-19.5.2.1049.5 - Privilege Escalation

CVE-2022-35868 MEDIUM

TIA Multiuser Server/V15.1-Project-Server V17 - Privilege Escalation

CVE-2022-4883 HIGH

LibXpm - Path Traversal

CVE-2022-41953 HIGH

Git < 2.39.1 - Untrusted Search Path

CVE-2022-38060 HIGH

OpenStack Kolla - Privilege Escalation

CVE-2022-23748 HIGH KEV

mDNSResponder.exe - DLL Sideloading

CVE-2022-31253 HIGH

openSUSE Factory openldap2 <2.6.3-404.1 - Privilege Escalation

CVE-2022-3734 MEDIUM

Redis - Untrusted Search Path

CVE-2022-0074 HIGH

Litespeedtech Openlitespeed < 1.7.16.1 - Untrusted Search Path

CVE-2022-39245 HIGH

Mist <0.9.5 - Command Injection

Previous Page 9 of 26 Next

Details

Vulnerabilities 626

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy