Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,172 vulnerabilities with CWE-427

CVE-2021-41544 HIGH

Siemens Software Center < 3.0 - DLL Hijacking via Uncontrolled Search Path

CVE-2021-31637 HIGH

UwAmp 1.1-3.0.2 - Remote Code Execution via DLL Hijacking

CVE-2021-36631 MEDIUM

Baidunetdisk <7.4.3 - Privilege Escalation

CVE-2021-33064 MEDIUM

Intel(R) System Studio - Privilege Escalation

CVE-2021-38410 HIGH

AVEVA Platform Common Services Portal 4.4.6-4.5.2 - DLL Hijacking via Uncontrolled Search Path Element

CVE-2021-42923 HIGH

ShowMyPC 3606 - DLL Hijacking via wodVPN.dll

CVE-2021-34606 HIGH

XINJE XD/E Series PLC Program Tool < 3.5.1 - Authenticated DLL Hijacking via Uncontrolled Search Path

CVE-2021-42743 HIGH

Splunk < 8.1.1 - Local Privilege Escalation via Node Default Path Misconfiguration

CVE-2021-20051 HIGH

SonicWall Global VPN Client < 4.10.7.1117 - DLL Search Order Hijacking in Installer Component

CVE-2021-44226 HIGH

Razer Synapse < 3.7.0228.022817 - Uncontrolled Search Path Element via Service Bin Directory

CVE-2021-43940 HIGH

Atlassian Confluence <7.4.10 & <7.12.3 - Privilege Escalation

CVE-2021-33101 HIGH

Intel(R) GPA <21.2 - Privilege Escalation

CVE-2021-0169 MEDIUM

Intel PROSet/Wireless <11 - Privilege Escalation

CVE-2021-44206 HIGH

Acronis True Image and Cyber Protect Home Office - Local Privilege Escalation via DLL Hijacking

CVE-2021-44205 HIGH

Acronis True Image 2021 < 39287 & Cyber Protect Home Office < 39612 - Local Privilege Escalation via DLL Hijacking

CVE-2021-44463 HIGH

Emerson DeltaV - Uncontrolled Search Path Element

CVE-2021-30360 HIGH

Check Point Remote Access Client - Code Injection

CVE-2021-4007 HIGH

Rapid7 Insight Agent <3.1.2.34 - Privilege Escalation

CVE-2021-20047 HIGH

SonicWall Global VPN Client < 4.10.6 - DLL Search Order Hijacking

CVE-2021-43037 HIGH

Kaseya Unitrends <10.5.5 - Privilege Escalation

CVE-2021-32592 HIGH

FortiClientWindows/EMS DLL Hijack via OpenSSL Engine Library

CVE-2021-44199 MEDIUM

Acronis Agent and Cyber Protect - Denial of Service via DLL Hijacking

CVE-2021-44198 HIGH

Acronis Cyber Protect 15 < 28035 - DLL Hijacking

CVE-2021-0082 HIGH

Intel WiFi Firmware <22.40/2.4.1541 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2021-3840 HIGH

Lenovo Antilles < 1.0.1 - Remote Code Execution via Dependency Confusion

Previous Page 32 of 47 Next

Details

Vulnerabilities 1,172

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy