The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
1,172 vulnerabilities with CWE-427
CVE-2022-43722
HIGH
SICAM PAS/PQS < V7.0 - Code Injection
CVSS 7.8
CVE-2022-29580
HIGH
Google Search < 13.41 - Path Traversal via Symbolic Encoded String Bypass
CVSS 8.9
CVE-2022-38395
HIGH
HP Support Assistant - Privilege Escalation
CVSS 7.8
CVE-2022-3859
MEDIUM
Trellix Agent <5.7.8 - Privilege Escalation
CVSS 6.7
CVE-2022-43751
HIGH
McAfee Total Protection <16.0.49 - Code Injection
CVSS 7.8
CVE-2022-40746
HIGH
IBM i Access Client Solutions 1.1.2-1.1.9.0 - Authenticated Arbitrary Code Execution via DLL Hijacking
CVSS 7.2
CVE-2022-45422
HIGH
LG SmartShare - Local Privilege Escalation via DLL Hijacking
CVSS 7.8
CVE-2022-31694
HIGH
InstallBuilder < 22.10.0 - Uncontrolled Search Path Element via Qt Installer Popup DLL Loading
CVSS 7.3
CVE-2022-36924
HIGH
Zoom Rooms < 5.12.6 - Local Privilege Escalation via Uncontrolled Search Path Element
CVSS 8.8
CVE-2022-28766
LOW
Zoom Client <5.12.6 - Code Injection
CVSS 3.3
CVE-2022-36380
MEDIUM
Intel NUC Kit Wireless Adapter <22.40 - Privilege Escalation
CVSS 6.7
CVE-2022-30548
MEDIUM
Intel Glorp - Uncontrolled Search Path Element
CVSS 6.7
CVE-2022-27638
MEDIUM
Intel Advanced Link Analyzer Pro < 22.2 / Standard < 22.1.1 - Privilege Escalation via Uncontrolled Search Path
CVSS 6.7
CVE-2022-27187
MEDIUM
Intel Quartus Prime Standard < 21.1 - Authenticated Privilege Escalation via Uncontrolled Search Path
CVSS 6.7
CVE-2022-26086
MEDIUM
Intel(R) PresentMon <1.7.1 - Privilege Escalation
CVSS 6.7
CVE-2022-26028
MEDIUM
Intel(R) VTune(TM) Profiler <2022.2.0 - Privilege Escalation
CVSS 6.7
CVE-2022-43310
HIGH
Foxit Reader <11.2.118.51569 - Privilege Escalation
CVSS 7.8
CVE-2022-34825
CRITICAL
EXPRESSCLUSTER X < 5.0 - Unauthenticated Uncontrolled Search Path Element
CVSS 9.8
CVE-2022-44744
HIGH
Acronis Cyber Protect Home Office < 40107 - Local Privilege Escalation via DLL Hijacking
CVSS 7.3
CVE-2022-39286
HIGH
Jupyter Core <4.11.2 - Code Injection
CVSS 8.8
CVE-2022-41796
HIGH
Content Transfer <1.3 - Privilege Escalation
CVSS 7.8
CVE-2022-33921
HIGH
Dell GeoDrive < 2.2.3 - DLL Hijacking
CVSS 7.0
CVE-2022-32168
HIGH
Notepad++ < 8.4.5 - DLL Hijacking via UxTheme.dll
CVSS 7.8
CVE-2022-40978
HIGH
JetBrains IntelliJ IDEA <2022.2.2 - Code Injection
CVSS 7.5
CVE-2022-2333
HIGH
Honeywell SoftMaster <4.51 - Code Injection
CVSS 8.8
Details
Vulnerabilities
1,172