Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,171 vulnerabilities with CWE-427

CVE-2023-49114 MEDIUM

Qognify VMS Client Viewer >=7.1 - RCE

CVE-2023-41091 MEDIUM

Intel(R) MPI Library <2021.11 - Privilege Escalation

CVE-2023-40156 MEDIUM

Intel System Support Utility < 3.0.0.2 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2023-39932 MEDIUM

Intel System Usage Report for Gameplay < 2.0.1901 - Privilege Escalation via Uncontrolled Search Path

CVE-2023-38566 MEDIUM

Intel(R) ISPC <1.21.0 - Privilege Escalation

CVE-2023-36493 MEDIUM

Intel(R) SDK for OpenCL(TM) < - Privilege Escalation

CVE-2023-35769 MEDIUM

Intel Computing Improvement Program < 2.4.10577 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2023-35060 MEDIUM

Intel Battery Life Diagnostic Tool < 2.3.1 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2023-32646 MEDIUM

Intel VROC < 8.0.8.1001 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2023-32618 MEDIUM

Intel oneAPI < 4.3.2 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2023-28745 MEDIUM

Intel(R) QSFP+ Configuration Utility - Privilege Escalation

CVE-2023-28407 MEDIUM

Intel Extreme Tuning Utility < 7.12.0.29 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2023-25779 MEDIUM

Intel Thunderbolt DCH Driver < 88 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2023-24591 MEDIUM

Intel(R) Binary Configuration Tool <3.4.4 - Privilege Escalation

CVE-2023-51711 HIGH

Regify Regipay Client <4.5.1.0 - Code Injection

CVE-2023-27859 MEDIUM

IBM Db2 10.5.0.0-10.5.0.10 - Uncontrolled Search Path Element via Malicious JAR File Installation

CVE-2023-32272 HIGH

Intel NUC Pro Software Suite < 3.0.0.6 - Authenticated Denial of Service via Uncontrolled Search Path

CVE-2023-6740 HIGH

Checkmk < 2.2.0p18, 2.1.0p38, 2.0.0p39 - Privilege Escalation via jar_signature Agent Plugin

CVE-2023-29445 HIGH

PTC Kepware Kepserverex < 6.14.263.0 - Uncontrolled Search Path

CVE-2023-29444 MEDIUM

PTC Kepware Kepserverex < 6.14.263.0 - Uncontrolled Search Path

CVE-2023-41782 LOW

ZTE ZXCLOUD iRAI < 7.23.30 - DLL Hijacking via Uncontrolled Search Path

CVE-2023-6338 HIGH

Lenovo Universal Device Client < 23.10 - Uncontrolled Search Path Element

CVE-2023-41780 MEDIUM

ZTE ZXCLOUD iRAI < 7.23.32 - Unauthenticated DLL Loading Path Traversal

CVE-2023-43064 HIGH

IBM i 7.2-7.5 - Uncontrolled Search Path Element in Facsimile Support

CVE-2023-6891 MEDIUM

PeaZip 9.4.0 - Uncontrolled Search Path in Library Handler

Previous Page 21 of 47 Next

Details

Vulnerabilities 1,171

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy