Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,172 vulnerabilities with CWE-427

CVE-2022-38633 HIGH

Genymotion Desktop <3.2.1 - Privilege Escalation

CVE-2022-34101 HIGH

Crestron AirMedia <4.3.1.39 - Privilege Escalation

CVE-2022-39846 MEDIUM

Samsung Smart Switch PC < 4.3.22083_3 - Uncontrolled Search Path Element

CVE-2022-36271 HIGH

Outbyte PC Repair Installation File <1.7.112.7856 - Code Injection

CVE-2022-2006 HIGH

AutomationDirect C-more EA9 Firmware < 6.73 - Uncontrolled Search Path Element in Install Directory

CVE-2022-28696 HIGH

Intel(R) Distribution for Python <2022.0.3 - Privilege Escalation

CVE-2022-26374 HIGH

Intel(R) SEAPI - Privilege Escalation

CVE-2022-25999 HIGH

Intel(R) Enpirion(R) Digital Power Configurator - Privilege Escalation

CVE-2022-25841 HIGH

Intel Datacenter Group Event - Uncontrolled Search Path Element

CVE-2022-21807 HIGH

Intel VTune Profiler < 2022.2.0 - Authenticated Privilege Escalation via Uncontrolled Search Path Element

CVE-2022-2334 HIGH

Softing Secure Integration Server V1.22 - RCE

CVE-2022-34235 HIGH

Adobe Premiere Elements <2020v20 - Privilege Escalation

CVE-2022-36840 MEDIUM

Samsung Update < 2.2.9.50 - DLL Hijacking

CVE-2022-2313 HIGH

MA Smart Installer <5.7.7 - Code Injection

CVE-2022-36415 HIGH

Scooter Beyond Compare <4.4.3 - Code Injection

CVE-2022-32498 MEDIUM

Dell PowerStore Command Line Interface < 3.0.0.0-1732745 - DLL Hijacking

CVE-2022-34902 HIGH

Parallels Access 6.5.4 (39316) - Privilege Escalation via Unsecured Qt Plugin Loading

CVE-2022-34901 HIGH

Parallels Access 6.5.4 (39316) - Privilege Escalation via Unsecured Service File Execution

CVE-2022-34900 HIGH

Parallels Access 6.5.3 (39313) - Privilege Escalation via OpenSSL Configuration File

CVE-2022-32223 HIGH

Node.js 14.0.0-14.13.1 and 14.14.0-14.19.3 - DLL Hijacking via OpenSSL Configuration Path

CVE-2022-32222 MEDIUM

Node.js 18.x < 18.40.0 - Cryptographic Configuration Path Vulnerability

CVE-2022-29187 HIGH

Git <2.37.1-2.30.5 - Privilege Escalation

CVE-2022-33037 HIGH

orwell-dev-cpp < 5.11 - Uncontrolled Search Path Element via Crafted .exe File

CVE-2022-33036 HIGH

Embarcadero Dev-C++ v6.3 - Uncontrolled Search Path Element

CVE-2022-33035 HIGH

XLPD <7.0.0094 - Privilege Escalation

Previous Page 29 of 47 Next

Details

Vulnerabilities 1,172

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy