The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
1,133 vulnerabilities with CWE-427
CVE-2025-10581
HIGH
Lenovo Pcmanager < 5.1.140.9262 - Uncontrolled Search Path
CVSS 7.8
CVE-2025-26861
HIGH
RemoteCall <5.3.0 - Code Injection
CVSS 7.8
CVE-2025-26860
HIGH
RemoteCall <5.1.0 - Code Injection
CVSS 7.8
CVE-2025-26859
HIGH
RemoteView PC App <6.0.2 - Code Injection
CVSS 7.8
CVE-2025-57716
MEDIUM
Fortinet Forticlient < 7.2.12 - Uncontrolled Search Path
CVSS 6.7
CVE-2025-59889
HIGH
Eaton IPP - RCE
CVSS 8.6
CVE-2025-23309
HIGH
NVIDIA Display Driver - Memory Corruption
CVSS 8.2
CVE-2025-32919
HIGH
Checkmk < 2.2.0 - Uncontrolled Search Path
CVSS 7.8
CVE-2025-62185
MEDIUM
Anki < 25.02.5 - Uncontrolled Search Path
CVSS 6.7
CVE-2025-57781
HIGH
DENSO TEN drive recorder viewer - Code Injection
CVSS 7.8
CVE-2025-27237
HIGH
Zabbix Agent/Agent 2 <Windows> - Privilege Escalation
CVE-2025-11223
HIGH
Panasonic AutoDownloader <1.2.8 - Code Injection
CVSS 7.8
CVE-2025-23355
MEDIUM
Nvidia Nsight Graphics < 2025.3 - Uncontrolled Search Path
CVSS 6.7
CVE-2025-59684
HIGH
Digisigner One - Uncontrolled Search Path
CVSS 8.8
CVE-2025-11178
HIGH
Acronis True Image <build 42386 - Privilege Escalation
CVSS 7.3
CVE-2025-56383
HIGH
Notepad++ v8.8.3 - Code Injection
CVSS 8.4
CVE-2025-9267
HIGH
Seagate Toolkit <2.35.0.6 - RCE
CVE-2025-9844
HIGH
Salesforce CLI <2.106.6 - Buffer Overflow
CVSS 8.8
CVE-2025-1131
HIGH
Sangoma Asterisk < 18.26.3 - Uncontrolled Search Path
CVSS 7.8
CVE-2025-57624
HIGH
CYRISMA Agent <444 - Privilege Escalation
CVSS 7.8
CVE-2025-9201
HIGH
Lenovo Browser - Privilege Escalation
CVSS 7.8
CVE-2025-9059
HIGH
Altiris Core Agent Updater - Privilege Escalation
CVE-2025-40979
HIGH
Windows 11 <1.27.8 - Local RCE
CVE-2025-10215
HIGH
Updf - Uncontrolled Search Path
CVSS 7.8
CVE-2025-10214
HIGH
Updf - Uncontrolled Search Path
CVSS 7.8
Details
Vulnerabilities
1,133