Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,171 vulnerabilities with CWE-427

CVE-2024-22184 MEDIUM

Intel(R) Quartus(R) Prime Pro Edition <24.1 - Privilege Escalation

CVE-2024-21857 MEDIUM

Intel(R) oneAPI Compiler <2024.1 - Privilege Escalation

CVE-2024-21784 MEDIUM

Intel IPP Cryptography < 2021.11.0 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2024-21769 MEDIUM

Intel(R) Ethernet Connection I219-LM - Privilege Escalation

CVE-2024-21766 MEDIUM

Intel(R) oneAPI Math Kernel Library <2024.1 - Privilege Escalation

CVE-2024-7061 MEDIUM

Okta Verify for Windows < 5.0.2 - Privilege Escalation via DLL Hijacking

CVE-2024-5290 HIGH

wpa_supplicant - Uncontrolled Search Path Element via Arbitrary Module Loading

CVE-2024-7326 HIGH

IObit DualSafe Password Manager 1.4.0.3 - Uncontrolled Search Path Element in BPL Handler

CVE-2024-7325 HIGH

IObit Driver Booster 11.0.0.0 - Uncontrolled Search Path in VCL120.BPL

CVE-2024-7324 HIGH

IObit iTop Data Recovery Pro 4.4.0.687 - Uncontrolled Search Path

CVE-2024-37142 HIGH

Dell Peripheral Manager < 1.7.6 - Uncontrolled Search Path Element via DLL Preloading

CVE-2024-37127 HIGH

Dell Peripheral Manager < 1.7.6 - Uncontrolled Search Path Element via DLL Preloading

CVE-2024-32857 HIGH

Dell Peripheral Manager < 1.7.6 - Uncontrolled Search Path Element via DLL Preloading

CVE-2024-41817 HIGH

ImageMagick 7.0.11-13-7.1.1-36 - Uncontrolled Search Path Element via MAGICK_CONFIGURE_PATH and LD_LIBRARY_PATH

CVE-2024-7193 MEDIUM

mp3tag < 3.26e - Uncontrolled Search Path Element in DLL Handler

CVE-2024-39820 MEDIUM

Zoom Workplace Desktop < 6.0.10 - Authenticated Denial of Service via Uncontrolled Search Path Element

CVE-2024-38330 HIGH

IBM System Management for i <7.4 - Privilege Escalation

CVE-2024-1182 HIGH

Mitsubishi Electric - Local Execution

CVE-2024-39708 HIGH

Delinea Privilege Manager <12.0.1096 - Privilege Escalation

CVE-2024-34116 HIGH

Creative Cloud Desktop <6.1.0.587 - Code Injection

CVE-2024-37130 HIGH

Dell OpenManage Server Administrator < 11.0.1.0 - Local Privilege Escalation via XSL Hijacking

CVE-2024-5509 HIGH

Luxion KeyShot < 2024.1 - Remote Code Execution via BIP File Parsing

CVE-2024-5292 HIGH

D-Link Network Assistant < 4.0.0.21 - Local Privilege Escalation via Uncontrolled Search Path

CVE-2024-22379 MEDIUM

Intel(R) Inspector <2024.0 - Privilege Escalation

CVE-2024-21862 MEDIUM

Intel Quartus Prime < 23.1 - Uncontrolled Search Path Element via Local Access

Previous Page 18 of 47 Next

Details

Vulnerabilities 1,171

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy