Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,172 vulnerabilities with CWE-427

CVE-2022-37340 MEDIUM

Intel QuickAssist Technology < 1.6 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2022-37329 MEDIUM

Intel Quartus Prime < 21.1 and < 21.3 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2022-36398 MEDIUM

Intel(R) Battery Life Diagnostic Tool <2.2.0 - Privilege Escalation

CVE-2022-26512 MEDIUM

Intel(R) FPGA Add-on <2022.2 - Privilege Escalation

CVE-2022-26425 MEDIUM

Intel oneAPI <2021.6 - Privilege Escalation

CVE-2022-26421 MEDIUM

Intel oneAPI DPC++/C++ Compiler Runtime < 2022.0 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2022-26345 MEDIUM

Intel(R) oneAPI Toolkit OpenMP <2022.1 - Privilege Escalation

CVE-2022-26076 MEDIUM

Intel(R) oneDNN <2022.1 - Privilege Escalation

CVE-2022-26062 MEDIUM

Intel(R) Trace Analyzer <2021.6 - Privilege Escalation

CVE-2022-26052 MEDIUM

Intel(R) MPI Library <2021.6 - Privilege Escalation

CVE-2022-26032 MEDIUM

Intel(R) Distribution for Python <2022.1 - Privilege Escalation

CVE-2022-25905 MEDIUM

Intel oneAPI Data Analytics Library < 2021.5 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2022-48077 HIGH

Genymotion Desktop 3.3.2 - Uncontrolled Search Path Element via DLL Hijacking

CVE-2022-43440 HIGH

Checkmk Agent <2.1.0p1-1.6.0p29 - Privilege Escalation

CVE-2022-31611 MEDIUM

NVIDIA GeForce Experience - Privilege Escalation

CVE-2022-38136 MEDIUM

Intel oneAPI <2022.2.1-2022.3.1 - Privilege Escalation

CVE-2022-34396 HIGH

Dell OpenManage Server Administrator < 10.3.0.0 - Authenticated DLL Injection

CVE-2022-47632 MEDIUM

Razer Synapse < 3.7.0830.081906 - Local Privilege Escalation via DLL Hijacking

CVE-2022-41141 HIGH

Windscribe - Uncontrolled Search Path Element in OpenSSL Configuration

CVE-2022-36930 HIGH

Zoom Rooms < 5.13.0 - Local Privilege Escalation via Uncontrolled Search Path Element

CVE-2022-44939 HIGH

Efs Software Easy Chat Server 3.1 - Uncontrolled Search Path Element via TextShaping.dll

CVE-2022-36314 MEDIUM

Firefox < 103.0 and Firefox ESR < 102.1 - Uncontrolled Search Path Element via Windows Shortcut

CVE-2022-22736 HIGH

Firefox < 96.0 - Local Privilege Escalation via World-Writable Installation Directory

CVE-2022-46330 HIGH

Squirrel.Windows < 2.0.1 - Uncontrolled Search Path Element in Installer

CVE-2022-42945 HIGH

DWG TrueView 2023 - Remote Code Execution via DLL Search Order Hijacking

Previous Page 27 of 47 Next

Details

Vulnerabilities 1,172

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy