Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,173 vulnerabilities with CWE-427

CVE-2019-16407 HIGH

JetBrains ReSharper <2019.2 - DLL Hijacking

CVE-2019-3726 MEDIUM

Dell Update Package Framework < 3.8.3.67 - Authenticated DLL Hijacking via Uncontrolled Search Path

CVE-2019-8076 HIGH

Adobe Application Manager 10.0 - Arbitrary Code Execution via Insecure Library Loading

CVE-2019-11773 HIGH

Eclipse OMR <0.1 - Code Injection/Privilege Escalation

CVE-2019-4447 HIGH

IBM DB2 High Performance Unload <6.1 - Command Injection

CVE-2019-7364 HIGH

Autodesk Advance Steel 2017-2020 - Uncontrolled Search Path Element via DWG File

CVE-2019-7362 HIGH

Autodesk Design Review <2019 - Code Injection

CVE-2019-14686 HIGH

Trend Micro Security <2019 - DLL Hijacking

CVE-2019-14687 HIGH

Trend Micro Password Manager 5.0 - DLL Hijacking

CVE-2019-14684 HIGH

Trend Micro Password Manager 5.0 - DLL Hijacking

CVE-2019-5631 HIGH

Rapid7 InsightAppSec < 2019.06.24 - DLL Injection in prunsrv.exe

CVE-2019-8062 HIGH

Adobe After Effects < 16 - Uncontrolled Search Path Element

CVE-2019-7961 HIGH

Adobe Prelude CC <8.1 - Code Injection

CVE-2019-7931 HIGH

Adobe Premiere Pro CC <13.1.2 - RCE

CVE-2019-7870 HIGH

Adobe Character Animator <=2.1 - RCE

CVE-2019-4473 HIGH

IBM SDK Java Technology Edition 7 7R and 8 - Uncontrolled Search Path Element

CVE-2019-14242 MEDIUM

Bitdefender <6.6.8.115,23.0.24.120 - Code Injection

CVE-2019-1010100 HIGH

Akeo Rufus < 3.0 - DLL Search Order Hijacking in Executable Installers

CVE-2019-7956 HIGH

Adobe Dreamweaver <19.0 - DLL Hijacking

CVE-2019-6825 HIGH

ProClima < 8.0.0 - Uncontrolled Search Path Element via Malicious DLL Execution

CVE-2019-5629 HIGH

Rapid7 Insight Agent < 2.6.3 - Local Privilege Escalation via Uncontrolled DLL Search Path

CVE-2019-12575 HIGH

Private Internet Access VPN Client v82 - Authenticated Privilege Escalation via Library Loading Path

CVE-2019-1855 HIGH

Cisco Jabber for Windows - Local Privilege Escalation

CVE-2019-5443 HIGH

curl <= 7.65.1 - Uncontrolled Search Path Element via OpenSSL Engine Config

CVE-2019-12280 HIGH

PC-Doctor Toolbox <7.3 - Buffer Overflow

Previous Page 43 of 47 Next

Details

Vulnerabilities 1,173

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy