Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,172 vulnerabilities with CWE-427

CVE-2020-28950 HIGH

Kaspersky Anti-Ransomware Tool < 4.0 - DLL Hijacking

CVE-2020-27348 MEDIUM

snapcraft <4.4.4, <2.43.1+16.04.1, <2.43.1+18.04.1 - RCE

CVE-2020-6021 HIGH

Check Point Endpoint Security Client for Windows <E84.20 - Privileg...

CVE-2020-25738 MEDIUM

CyberArk Endpoint Privilege Manager 11.1.0.173 - Uncontrolled Search Path Element via DLL Injection

CVE-2020-5674 HIGH

Epson Album Print - Uncontrolled Search Path Element

CVE-2020-12329 HIGH

Intel VTune Profiler < 2020 - Authenticated Privilege Escalation via Uncontrolled Search Path

CVE-2020-12320 HIGH

Intel SCS Add-on for Microsoft SCCM - Uncontrolled Search Path Element

CVE-2020-13771 HIGH

Ivanti Endpoint Manager < 2020.1.1 - Uncontrolled Search Path Element via DLL Hijacking

CVE-2020-5992 HIGH

NVIDIA GeForce NOW <2.0.25.119 - Code Injection

CVE-2020-25174 HIGH

B. Braun OnlineSuite < 3.0 - DLL Hijacking

CVE-2020-27955 CRITICAL

Git Remote Code Execution via git-lfs (CVE-2020-27955)

CVE-2020-27708 HIGH

EA Origin < 10.5.86 - Uncontrolled Search Path Element

CVE-2020-5145 HIGH

SonicWall Global VPN Client < 4.10.4.0314 - Remote Code Execution via DLL Hijacking

CVE-2020-24425 HIGH

Dreamweaver <20.2 - Privilege Escalation

CVE-2020-24424 HIGH

Adobe Premiere Pro < 14.4 - Uncontrolled Search Path Element

CVE-2020-24423 HIGH

Adobe Media Encoder < 14.4 - Uncontrolled Search Path Element

CVE-2020-24420 HIGH

Adobe Photoshop for Windows <21.2.1 - RCE

CVE-2020-24419 HIGH

Adobe After Effects < 17.1.1 - Uncontrolled Search Path Element

CVE-2020-24422 HIGH

Adobe Creative Cloud Desktop Application <5.2, 2.1 - RCE

CVE-2020-8345 HIGH

Lenovo HardwareScan Plugin <1.0.46.11 - Privilege Escalation

CVE-2020-26947 HIGH

Monero GUI <0.17.1.0 - Privilege Escalation

CVE-2020-26894 HIGH

LiveCode v9.6.1 - Privilege Escalation

CVE-2020-3535 HIGH

Cisco Webex Teams 3.0.13464.0-3.0.16040.0 - Authenticated DLL Hijacking via Uncontrolled Search Path

CVE-2020-24356 MEDIUM

cloudflared <2020.8.1 - Privilege Escalation

CVE-2020-26538 HIGH

Foxit Reader & PhantomPDF <10.1 - RCE

Previous Page 38 of 47 Next

Details

Vulnerabilities 1,172

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy