Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,171 vulnerabilities with CWE-427

CVE-2024-21861 MEDIUM

Intel GPA Framework < 2023.4 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2024-21843 MEDIUM

Intel(R) Computing Improvement Program <2.4.0.10654 - Privilege Esc...

CVE-2024-21841 MEDIUM

Intel(R) Distribution for GDB <2024.0 - Privilege Escalation

CVE-2024-21837 MEDIUM

Intel Quartus Prime Lite Edition < 23.1 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2024-21831 MEDIUM

Intel Processor Diagnostic Tool < 4.1.9.41 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2024-21818 MEDIUM

Intel(R) PCM <202311 - Privilege Escalation

CVE-2024-21814 MEDIUM

Intel Chipset Device Software < 10.1.19444.8378 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2024-21788 MEDIUM

Intel Graphics Performance Analyzers < 2023.4 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2024-21777 MEDIUM

Intel Quartus Prime < 23.4 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2024-21774 MEDIUM

Intel(R) Processor Identification Utility <6.10.34.1129, 7.1.6 - Pr...

CVE-2024-21772 MEDIUM

Intel Advisor < 2024.0 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2024-20366 HIGH

Cisco Crosswork NSO - Privilege Escalation

CVE-2024-2637 HIGH

B&R Industrial Automation - Buffer Overflow

CVE-2024-25050 HIGH

IBM Rational Developer for i and IBM i - Uncontrolled Search Path Element

CVE-2024-33672 HIGH

Veritas NetBackup < 10.4 - Arbitrary File Deletion via Multi-Threaded Agent

CVE-2024-28099 HIGH

VT STUDIO < 8.32 - Uncontrolled Search Path Element

CVE-2024-22450 HIGH

Dell Alienware Command Center <6.2.7.0 - Code Injection

CVE-2024-29734 HIGH

SonicDICOM Media Viewer <2.3.2 - Code Injection

CVE-2024-0980 HIGH

Okta Verify for Windows < 4.10.7 - Arbitrary Code Execution via Auto-Update Service

CVE-2024-28131 HIGH

EasyRange Ver 1.41 - Code Injection

CVE-2024-22346 HIGH

Db2 for IBM i <7.6 - Privilege Escalation

CVE-2024-22167 HIGH

SanDisk PrivateAccess Windows App < 6.4.10 - DLL Hijacking

CVE-2024-0670 HIGH

Checkmk <2.2.0p23-2.0.0 - Privilege Escalation

CVE-2024-27303 HIGH

electron-builder <24.13.2 - Command Injection

CVE-2024-20338 HIGH

Cisco Secure Client for Linux - Privilege Escalation

Previous Page 19 of 47 Next

Details

Vulnerabilities 1,171

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy