Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,171 vulnerabilities with CWE-427

CVE-2024-48605 HIGH

Helakuru 1.1 - Uncontrolled Search Path Element via wow64log.dll

CVE-2024-10093 HIGH

VSO ConvertXtoDvd 7.0.0.83 - Uncontrolled Search Path

CVE-2024-10068 HIGH

OpenSight Software FlashFXP 5.4.0.3970 - Uncontrolled Search Path

CVE-2024-49391 HIGH

Acronis Cyber Files <9.0.0x24 - Privilege Escalation

CVE-2024-49390 HIGH

Acronis Cyber Files <9.0.0x24 - Privilege Escalation

CVE-2024-45710 HIGH

SolarWinds Platform < 2024.4 - Local Privilege Escalation via Uncontrolled Search Path Element

CVE-2024-30117 LOW

HCL BigFix Platform 9.5-9.5.25 - Uncontrolled Search Path Element

CVE-2024-9046 HIGH

Lenovo stARstudio < 2020.3.12.34806 - DLL Hijacking

CVE-2024-4132 HIGH

Lenovo Lock Screen < 9.0.18 - DLL Hijacking

CVE-2024-4131 HIGH

Lenovo Emulator < 9.1.6 - DLL Hijacking

CVE-2024-4130 HIGH

Lenovo App Store < 9.0.17 - DLL Hijacking

CVE-2024-4089 HIGH

Lenovo Super File - Privilege Escalation

CVE-2024-33582 HIGH

Lenovo Service Framework - Privilege Escalation

CVE-2024-33581 HIGH

Lenovo PC Manager AI - Privilege Escalation

CVE-2024-33580 HIGH

Lenovo Personal Cloud - Privilege Escalation

CVE-2024-33579 HIGH

Lenovo Baiying - Privilege Escalation

CVE-2024-33578 HIGH

Lenovo Leyun - Privilege Escalation

CVE-2024-47196 MEDIUM

ModelSim Questa < V2025.2 - Code Injection

CVE-2024-47195 MEDIUM

ModelSim Questa < V2024.3 - Code Injection

CVE-2024-47194 MEDIUM

ModelSim Questa < V2024.3 - Code Injection

CVE-2024-45246 HIGH

Vynamic View < 5.9.5 - Uncontrolled Search Path Element

CVE-2024-6769 MEDIUM

Microsoft Windows <2022 - Privilege Escalation

CVE-2024-44168 MEDIUM

macOS < 13.7, < 14.7, < 15 - Unauthorized File System Modification via Library Injection

CVE-2024-8766 MEDIUM

Acronis Cyber Protect <38235-39169 - Privilege Escalation

CVE-2024-34016 MEDIUM

Acronis Cyber Protect Cloud Agent <38235 - Privilege Escalation

Previous Page 16 of 47 Next

Details

Vulnerabilities 1,171

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy