The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
1,133 vulnerabilities with CWE-427
CVE-2025-20106
MEDIUM
Intel VTune Profiler <2025.0 - Privilege Escalation
CVSS 6.7
CVE-2025-15569
HIGH
Artifex MuPDF <1.26.1 - Path Traversal
CVSS 7.0
CVE-2025-13919
MEDIUM
Symantec Endpoint Protection <14.3 RU10-8 - COM Hijacking
CVSS 4.4
CVE-2025-30248
HIGH
WD Discovery <5.2.730 - RCE
CVE-2025-71178
HIGH
Crucial Storage Executive <11.08.082025.00 - Code Injection
CVE-2025-33231
MEDIUM
NVIDIA Nsight Systems - Code Execution
CVSS 6.7
CVE-2025-33229
HIGH
NVIDIA Nsight Visual Studio for Windows - Privilege Escalation
CVSS 7.3
CVE-2025-65118
HIGH
Aveva Process Optimization < 2025 - Uncontrolled Search Path
CVSS 8.8
CVE-2025-14625
MEDIUM
Altera Quartus Prime <24.1 - Buffer Overflow
CVSS 6.7
CVE-2025-14605
MEDIUM
Altera Quartus Prime Pro <25.1.1 - Search Order Hijacking
CVSS 6.7
CVE-2025-14599
MEDIUM
Altera Quartus Prime <24.1 - Buffer Overflow
CVSS 6.7
CVE-2025-14596
MEDIUM
Altera Quartus Prime Pro <24.3.1 - Buffer Overflow
CVSS 6.7
CVE-2025-57836
HIGH
Samsung Magician < 8.3.2 - Uncontrolled Search Path
CVSS 7.8
CVE-2025-66835
HIGH
TrueConf Client 8.5.2 - Code Injection
CVSS 7.1
CVE-2025-67450
HIGH
Eaton UPS Companion - RCE
CVSS 7.8
CVE-2025-59887
HIGH
Eaton UPS Companion - RCE
CVSS 8.6
CVE-2025-14498
HIGH
TradingView Desktop - Privilege Escalation
CVSS 7.8
CVE-2025-14406
HIGH
Soda PDF Desktop - Privilege Escalation
CVSS 7.8
CVE-2025-14405
MEDIUM
PDFsam Enhanced - Privilege Escalation
CVSS 6.8
CVE-2025-53000
HIGH
Jupyter Nbconvert < 7.16.6 - Uncontrolled Search Path
CVSS 7.8
CVE-2025-13670
MEDIUM
Intel High Level Synthesis Compiler < 24.3 - Uncontrolled Search Path
CVSS 6.7
CVE-2025-13669
MEDIUM
Intel High Level Synthesis Compiler < 24.3 - Uncontrolled Search Path
CVSS 6.7
CVE-2025-13665
MEDIUM
Intel Quartus Prime < 24.1 - Uncontrolled Search Path
CVSS 6.7
CVE-2025-13668
MEDIUM
Intel Quartus Prime < 25.1 - Uncontrolled Search Path
CVSS 6.7
CVE-2025-13664
MEDIUM
Intel Quartus Prime < 24.1 - Uncontrolled Search Path
CVSS 6.7
Details
Vulnerabilities
1,133