Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,172 vulnerabilities with CWE-427

CVE-2020-25244 HIGH

LOGO! Soft Comfort < V8.4 - DLL Hijacking via Insecure Library Loading

CVE-2020-9681 MEDIUM

Adobe Genuine Service < 6.6 - Authenticated Uncontrolled Search Path Element

CVE-2020-9667 MEDIUM

Adobe Genuine Service < 6.6 - Authenticated Uncontrolled Search Path Element

CVE-2020-6790 HIGH

Bosch Video Streaming Gateway <= 6.45.10 - Uncontrolled Search Path Element

CVE-2020-6789 HIGH

Bosch Monitor Wall <= 10.00.0164 - Uncontrolled Search Path Element in Installer

CVE-2020-6788 HIGH

Bosch Configuration Manager <= 7.21.0078 - Uncontrolled Search Path Element

CVE-2020-6787 HIGH

Bosch Video Client <= 1.7.6.079 - Uncontrolled Search Path Element via Installer DLL Loading

CVE-2020-6786 HIGH

Bosch Video Recording Manager <= 3.71 - Uncontrolled Search Path Element via Installer DLL Loading

CVE-2020-6785 HIGH

Bosch BVMS and BVMS Viewer < 9.0 - Uncontrolled Search Path Element in DLL Loading

CVE-2020-6771 HIGH

Bosch IP Helper <= 1.00.0008 - Uncontrolled Search Path Element

CVE-2020-9367 HIGH

Zoho ManageEngine Desktop Central MSP build 10.0.486 - DLL Hijacking via CSUNSAPI.dll

CVE-2020-26155 HIGH

Utimaco SecurityServer 4.20.0.4 and 4.31.1.0 - DLL Hijacking via Uncontrolled Search Path Element

CVE-2020-28646 HIGH

owncloud_desktop_client < 2.7 - DLL Injection via Plugin Loading

CVE-2020-24485 HIGH

Intel(R) FPGA OPAE Driver <4.17 - Privilege Escalation

CVE-2020-24451 HIGH

Intel(R) Optane(TM) DC Persistent Memory <1.00.00.3506 - Privilege ...

CVE-2020-25238 HIGH

SIMATIC PCS neo < 3.1 and TIA Portal V15-V16 - Authenticated Privilege Escalation via File Manipulation

CVE-2020-35145 HIGH

Acronis True Image for Windows <2021-3 - Privilege Escalation

CVE-2020-26050 HIGH

SaferVPN 5.0.3.3-5.0.4.15 - Local Privilege Escalation via OpenSSL Configuration File

CVE-2020-35483 HIGH

AnyDesk 5.4.2-6.0.9 - Uncontrolled Search Path Element via Trojan Horse gcapi.dll

CVE-2020-5681 HIGH

EpsonNet SetupManager <2.2.14 - Privilege Escalation

CVE-2020-24578 MEDIUM

D-Link DSL-2888A <AU_2.31_V1.1.47ae55 - Info Disclosure

CVE-2020-29654 HIGH

Western Digital Dashboard <3.2.2.9 - Privilege Escalation

CVE-2020-24447 HIGH

Adobe Lightroom Classic <10.0 - RCE

CVE-2020-24440 HIGH

Adobe Prelude <9.0.1 - Code Injection

CVE-2020-2049 HIGH

Cortex XDR Agent 7.1-7.2 - Authenticated Local Privilege Escalation via Uncontrolled Search Path

Previous Page 37 of 47 Next

Details

Vulnerabilities 1,172

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy