Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,175 vulnerabilities with CWE-427

CVE-2019-5443 HIGH

curl <= 7.65.1 - Uncontrolled Search Path Element via OpenSSL Engine Config

CVE-2019-12280 HIGH

PC-Doctor Toolbox <7.3 - Buffer Overflow

CVE-2019-12572 HIGH

Private Internet Access VPN Client 1.0.2 - Authenticated Privilege Escalation via OpenSSL Engine Loading

CVE-2019-12133 HIGH

Multiple Zoho ManageEngine products - Privilege Escalation

CVE-2019-5245 MEDIUM

HiSuite <9.1.0.300 - Code Injection

CVE-2019-12177 HIGH

ViveportDesktopService <1.0.0.36 - Privilege Escalation

CVE-2019-7093 HIGH

Creative Cloud Desktop App <4.7.0.400 - Privilege Escalation

CVE-2019-11644 HIGH

F-Secure <17.6 - Privilege Escalation

CVE-2019-5526 HIGH

VMware Workstation 15.0.0-15.0.x - DLL Hijacking Privilege Escalation

CVE-2019-5676 MEDIUM

NVIDIA GPU Display Driver 410-412.36 and GeForce Experience < 3.19 - Uncontrolled Search Path Element

CVE-2019-6564 HIGH

GE Communicator < 4.0.517 - Uncontrolled Search Path Element via Installer Directory

CVE-2019-6546 HIGH

GE Communicator < 4.0.517 - Uncontrolled Search Path Element

CVE-2019-1794 MEDIUM

Cisco Meeting Server - Uncontrolled Search Path Element

CVE-2019-6534 HIGH

Gemalto Sentinel UltraPro Client Library 1.3.0-1.3.2 - Uncontrolled Search Path Element in ux32w.dll

CVE-2019-9896 HIGH

PuTTY < 0.71 - Uncontrolled Search Path Element via Help File

CVE-2019-4094 HIGH

IBM DB2 9.7, 10.1, 10.5, 11.1 - Uncontrolled Search Path Element

CVE-2019-9634 HIGH

Go <1.12 - Code Injection

CVE-2019-9546 CRITICAL

SolarWinds Orion <2018.4-0 - Privilege Escalation

CVE-2019-9116 HIGH

Sublime Text 3 - DLL Hijacking via Trojan Horse DLL in Temp Folder

CVE-2019-7653 CRITICAL

Debian python-rdflib-tools 4.2.2-1 - Code Injection

CVE-2018-7840 HIGH

VideoXpert OpsCenter <3.1 - Buffer Overflow

CVE-2018-1890 MEDIUM

IBM SDK Java Technology Edition 8 - Uncontrolled Search Path Element

CVE-2018-16177 HIGH

Windows 10 Fall Creators Update Modify Module - Untrusted Search Path Vulnerability

CVE-2018-20211 HIGH

ExifTool <8.32 - Privilege Escalation

CVE-2018-15452 MEDIUM

Cisco Advanced Malware Protection for Endpoints - DLL Hijacking via Uncontrolled Search Path

Previous Page 44 of 47 Next

Details

Vulnerabilities 1,175

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy