Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,133 vulnerabilities with CWE-427

CVE-2025-24998 HIGH

Visual Studio - Privilege Escalation

CVE-2025-1804 HIGH

Blizzard Battle.Net <2.39.0.15212 - Path Traversal

CVE-2025-1223 MEDIUM

Citrix Secure Access Client for Mac - Privilege Escalation

CVE-2025-26624 MEDIUM

Rufus <4.6.2208 - Privilege Escalation

CVE-2025-24039 HIGH

Microsoft Visual Studio Code < 1.97.1 - Uncontrolled Search Path

CVE-2025-21206 HIGH

Microsoft Visual Studio 2017 < 15.9.70 - Uncontrolled Search Path

CVE-2025-21127 HIGH

Adobe Photoshop < 25.12.1 - Uncontrolled Search Path

CVE-2025-0069 HIGH

SAPSetup - Privilege Escalation

CVE-2024-13976 HIGH

Commvault for Windows <11.20.0-11.36.0 - Code Injection

CVE-2024-24916 MEDIUM

Installer - Code Injection

CVE-2024-42191 MEDIUM

Hcltech Traveler For Microsoft Outlook - Uncontrolled Search Path

CVE-2024-42190 MEDIUM

Hcltech Traveler For Microsoft Outlook - Uncontrolled Search Path

CVE-2024-13946 MEDIUM

ASPECT-Enterprise <3.* - Binary Planting

CVE-2024-47800 MEDIUM

Intel(R) Graphics Driver - Privilege Escalation

CVE-2024-47795 MEDIUM

Intel(R) oneAPI DPC++/C++ Compiler <2025.0.0 - Privilege Escalation

CVE-2024-46895 MEDIUM

Intel Arc & Iris Xe Graphics <32.0.101.6083 - Privilege Escalation

CVE-2024-39833 MEDIUM

Intel(R) QAT <2.3.0 - Privilege Escalation

CVE-2024-31073 MEDIUM

Intel(R) oneAPI Level Zero - Privilege Escalation

CVE-2024-12530 HIGH

OpenText Secure Content Manager <23.4 - Code Injection

CVE-2024-11859 HIGH

DLL Search Order - Code Injection

CVE-2024-10930 HIGH

Carrier Block Load < 4.16 - Uncontrolled Search Path

CVE-2024-55898 HIGH

I - Uncontrolled Search Path

CVE-2024-57964 HIGH

HVAC Energy Saving Program - Info Disclosure/Code Injection

CVE-2024-57963 HIGH

USB-CONVERTERCABLE DRIVER - Info Disclosure/Code Injection

CVE-2024-47006 MEDIUM

Intel(R) RealSense D400 Series UWP Driver - Privilege Escalation

Previous Page 11 of 46 Next

Details

Vulnerabilities 1,133

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy