The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
1,171 vulnerabilities with CWE-427
CVE-2024-1595
HIGH
Delta Electronics CNCSoft-B and DOPSoft < 4.0.0.82 - DLL Hijacking via Insecure Library Loading
CVSS 7.8
CVE-2024-23054
CRITICAL
Plone Docker Official Image 5.2.13 - Remote Code Execution via Missing npm Package in Static Components
CVSS 9.8
CVE-2024-23940
HIGH
Trend Micro Security 2023 < 6.0.2103 - DLL Hijacking via uiAirSupport
CVSS 7.8
CVE-2023-52945
HIGH
Synology BeeDrive For Desktop < 1.3.2-13814 - Uncontrolled Search Path Element
CVSS 7.8
CVE-2023-53959
CRITICAL
FileZilla Client 3.63.1 - Code Injection
CVSS 9.8
CVE-2023-53937
HIGH
Hubstaff 1.6.14 - DLL Search Order Hijacking
CVSS 7.8
CVE-2023-31358
HIGH
AMD Manageability API - Privilege Escalation
CVSS 7.3
CVE-2023-31361
HIGH
AMD AIM-T >=4.0.0.722 - DLL Hijacking in Manageability Service
CVSS 7.3
CVE-2023-31348
HIGH
AMD Prof < 4.1.424, < 4.2.816, < 4.2.845 - DLL Hijacking
CVSS 7.3
CVE-2023-45743
MEDIUM
Intel Driver & Support Assistant < 23.4.39.10 - Authenticated Privilege Escalation via Uncontrolled Search Path
CVSS 6.7
CVE-2023-45320
MEDIUM
Intel VTune Profiler < 2024.0 - Authenticated Privilege Escalation via Uncontrolled Search Path
CVSS 6.7
CVE-2023-43751
MEDIUM
Intel(R) Graphics <31.0.101.3790/31.0.101.2114 - Privilege Escalation
CVSS 6.7
CVE-2023-41961
MEDIUM
Intel Graphics Performance Analyzers < 2023.3 - Authenticated Privilege Escalation via Uncontrolled Search Path
CVSS 6.7
CVE-2023-40155
MEDIUM
Intel(R) CST <2.1.10300 - Privilege Escalation
CVSS 6.7
CVE-2023-39929
MEDIUM
Libva <2.20.0 - Privilege Escalation
CVSS 6.7
CVE-2023-35192
MEDIUM
Intel GPA Framework < 2023.3 - Authenticated Privilege Escalation via Uncontrolled Search Path
CVSS 6.7
CVE-2023-44440
HIGH
Ashlar-Vellum Lithium - Remote Code Execution via Uncontrolled Search Path Element
CVSS 8.8
CVE-2023-44439
HIGH
Ashlar-Vellum Xenon - Remote Code Execution via Uncontrolled Search Path Element
CVSS 8.8
CVE-2023-44438
HIGH
Ashlar-Vellum Argon - Remote Code Execution via Uncontrolled Search Path Element
CVSS 8.8
CVE-2023-44437
HIGH
Ashlar-Vellum Cobalt < 12.0.1204.78 - Remote Code Execution via Uncontrolled Search Path Element
CVSS 7.8
CVE-2023-27362
HIGH
3CX 18.0.0.451-18.0.8.917 - Local Privilege Escalation via OpenSSL Configuration File
CVSS 7.8
CVE-2023-51710
MEDIUM
EMS SQL Manager 3.6.2 - Code Injection
CVSS 4.2
CVE-2023-42920
HIGH
Claris Pro and FileMaker Pro < 20.2 - Uncontrolled Search Path Element
CVSS 7.8
CVE-2023-39254
MEDIUM
Dell Update Package Framework < 4.9.10 - Uncontrolled Search Path Element
CVSS 6.7
CVE-2023-6132
HIGH
AVEVA Platform Common Services - Uncontrolled Search Path Element
CVSS 7.3
Details
Vulnerabilities
1,171