Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,172 vulnerabilities with CWE-427

CVE-2019-19689 HIGH

Trend Micro HouseCall <5.3.0.1063 - DLL Hijack

CVE-2019-19235 HIGH

ASUS ATK Package < 1.0.0061 - Uncontrolled Search Path Element via AsLdrSrv.exe

CVE-2019-18670 HIGH

Acer Quick Access <2.01.3027-3.00.3008 - DLL Hijacking

CVE-2019-3667 MEDIUM

McAfee Tech Check < 3.0.0.17 - DLL Search Order Hijacking

CVE-2019-18575 HIGH

Dell Command Configure <4.2.1 - Code Injection

CVE-2019-19364 HIGH

Sony Catalyst Production Suite and Catalyst Browse Suite <1.1.0.21 - DLL Hijacking Privilege Escalation

CVE-2019-15638 HIGH

COPA-DATA zenon < 8.10 - Uncontrolled Search Path Element

CVE-2019-3750 MEDIUM

Dell Command Update < 3.1 - Authenticated Arbitrary File Deletion via Symlink Attack

CVE-2019-3749 MEDIUM

Dell Command Update < 3.1 - Authenticated Arbitrary File Deletion via Symlink Attack

CVE-2019-7365 HIGH

Autodesk Desktop App <7.0.16.29 - Code Injection

CVE-2019-16001 MEDIUM

Cisco Webex Teams for Windows - Local RCE

CVE-2019-18215 HIGH

Comodo Internet Security < 12.1.0.6914 - DLL Preloading via iLog.dll

CVE-2019-12758 MEDIUM

Symantec Endpoint Protection < 14.2 RU2 - Uncontrolled Search Path Element

CVE-2019-7962 HIGH

Adobe Illustrator CC <23.1 - Privilege Escalation

CVE-2019-7960 HIGH

Adobe Animate CC <19.2.1 - Privilege Escalation

CVE-2019-5695 MEDIUM

NVIDIA GeForce Experience < 3.20.1 and GPU Driver - DLL Preloading via Unvalidated Path

CVE-2019-5701 HIGH

NVIDIA GeForce Experience < 3.20.0.118 - Uncontrolled Search Path Element via GameStream DLL Loading

CVE-2019-5694 MEDIUM

NVIDIA Windows GPU Display Driver R390 - Uncontrolled Search Path Element in NVIDIA Control Panel

CVE-2019-6692 HIGH

FortiClient < 6.2.0 - DLL Preload Arbitrary Code Execution

CVE-2019-17093 HIGH

Avast and AVG Antivirus < 19.8 - DLL Preloading in Protected Process Light

CVE-2019-9491 HIGH

Trend Micro ATTK <1.62.0.1218 - RCE

CVE-2019-17665 HIGH

Ghidra < 9.0.2 - DLL Hijacking via Current Working Directory

CVE-2019-6333 MEDIUM

HP Touchpoint Analytics < 4.1.4.2827 - Authenticated Arbitrary Code Execution via DLL Search Order Hijacking

CVE-2019-3745 HIGH

Dell Encryption < 10.4.0 and Endpoint Security Suite Enterprise < 2.4.0 - DLL Hijacking via Installer Search Path

CVE-2019-16407 HIGH

JetBrains ReSharper <2019.2 - DLL Hijacking

Previous Page 42 of 47 Next

Details

Vulnerabilities 1,172

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy