Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,172 vulnerabilities with CWE-427

CVE-2021-21518 HIGH

Dell SupportAssist Client - Uncontrolled Search Path Element in Costura Fody Plugin

CVE-2021-20674 HIGH

MagicConnect Client <2021-03-01 - Privilege Escalation

CVE-2021-1366 HIGH

Cisco AnyConnect Secure Mobility Client < 4.9.05042 - Authenticated DLL Hijacking via IPC Channel

CVE-2021-25247 HIGH

Trend Micro HouseCall <5.3.1063 - Privilege Escalation

CVE-2021-3115 HIGH

GO < 1.14.14 - Uncontrolled Search Path

CVE-2021-1280 HIGH

Cisco AMP for Endpoints <7.3.3 & Immunet <7.3.12 - Authenticated DLL Hijacking

CVE-2021-21011 HIGH

Adobe Captivate <11.5.1.499 - Privilege Escalation

CVE-2021-21010 HIGH

Adobe InCopy < 15.1.3 - Uncontrolled Search Path Element

CVE-2021-21008 HIGH

Adobe Animate < 21.0 - Uncontrolled Search Path Element

CVE-2021-21007 HIGH

Adobe Illustrator < 25.0 - Uncontrolled Search Path Element

CVE-2021-1240 MEDIUM

Cisco Proximity < 3.1.0 - Authenticated DLL Hijacking via Uncontrolled Search Path

CVE-2021-1237 HIGH

Cisco AnyConnect Secure Mobility Client for Windows - DLL Injection

CVE-2021-20616 HIGH

SKYSEA Client View <16.001.01g - Privilege Escalation

CVE-2020-23438 HIGH

Wondershare filmora <9.2.11 - Privilege Escalation

CVE-2020-28369 HIGH

BeyondTrust Privilege Management for Windows < 5.7 - Uncontrolled Search Path Element via Cryptbase.dll Loading

CVE-2020-25502 HIGH

Cybereason Endpoint Detection and Response - DLL Hijacking

CVE-2020-25182 MEDIUM

Schneider-electric Easergy T300 Firmware - Uncontrolled Search Path

CVE-2020-12891 HIGH

AMD Radeon Software - DLL Hijacking

CVE-2020-18173 HIGH

1Password <7.3.712 - Code Injection

CVE-2020-4623 MEDIUM

IBM i2 iBase 8.9.13 - Authenticated Arbitrary Code Execution via DLL Search Order Hijacking

CVE-2020-5316 HIGH

Dell SupportAssist for Business PCs 2.0-2.1.3 and Home PCs 2.0-3.4 - Uncontrolled Search Path Element

CVE-2020-11634 HIGH

Zscaler Client Connector < 2.1.2.105 - DLL Hijacking via OpenSSL Configuration

CVE-2020-29157 HIGH

RAONWIZ K Editor 2018.0.0.10 - DLL Hijacking via Uncontrolled Search Path

CVE-2020-8702 HIGH

Intel(R) Processor Diagnostic Tool <4.1.5.37 - Privilege Escalation

CVE-2020-24755 HIGH

Ubiquiti UniFi Video v3.10.13 - Uncontrolled Search Path Element

Previous Page 36 of 47 Next

Details

Vulnerabilities 1,172

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy