Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-427

CWE-427

Uncontrolled Search Path Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

1,168 vulnerabilities with CWE-427

CVE-2025-1131 HIGH

Asterisk - Local Privilege Escalation via Uncontrolled Search Path in safe_asterisk Script

CVE-2025-57624 HIGH

CYRISMA Agent <444 - Privilege Escalation

CVE-2025-9201 HIGH

Lenovo Browser - Privilege Escalation

CVE-2025-9059 HIGH

Altiris Core Agent Updater - Privilege Escalation

CVE-2025-40979 HIGH

Grandstream Networks Wave < 1.27.11 - Uncontrolled Search Path Element via Temp Directory

CVE-2025-10215 HIGH

UPDF 1.8.5.0 - DLL Search Path Hijacking via FREngine.dll

CVE-2025-10214 HIGH

UPDF 1.8.5.0 - DLL Search Path Hijacking via FREngine.dll Placement

CVE-2025-10213 HIGH

UPDF 1.8.5.0 - DLL Search Path Hijacking via dxtn.dll

CVE-2025-10198 HIGH

Sunshine v2025.122.141614 - DLL Search-Order Hijacking

CVE-2025-55671 HIGH

TkEasyGUI < 1.0.22 - Uncontrolled Search Path Element

CVE-2025-9330 HIGH

Foxit PDF Reader - Privilege Escalation

CVE-2025-8614 HIGH

NoMachine < 8.17.2 - Local Privilege Escalation via OpenSSL Configuration File

CVE-2025-9016 HIGH

Mechrevo Control Center GX V2 5.56.51.48 - Uncontrolled Search Path in Powershell Script Handler

CVE-2025-9000 HIGH

Mechrevo Control Center GX V2 5.56.51.48 - Untrusted Search Path in reg File Handler

CVE-2025-49571 HIGH

Substance 3D Modeler < 1.22.2 - Uncontrolled Search Path Element

CVE-2025-27717 MEDIUM

Intel(R) Graphics Driver - Privilege Escalation

CVE-2025-26404 MEDIUM

Intel(R) DSA <25.2.15.9 - Privilege Escalation

CVE-2025-24923 MEDIUM

Intel AI for Enterprise Retrieval-augmented Generation software - Uncontrolled Search Path Element

CVE-2025-22838 MEDIUM

Intel RealSense <2.14.2.0 - Privilege Escalation

CVE-2025-21093 MEDIUM

Intel(R) Driver & Support Assistant Tool <24.6.49.8 - Privilege Esc...

CVE-2025-20627 MEDIUM

Intel(R) oneAPI DPC++/C++ Compiler <2025.0.1 - Privilege Escalation

CVE-2025-20092 MEDIUM

Clock Jitter Tool <6.0.1 - Privilege Escalation

CVE-2025-20048 MEDIUM

Intel(R) Trace Analyzer and Collector - Privilege Escalation

CVE-2025-20017 MEDIUM

Intel(R) oneAPI Toolkit - Privilege Escalation

CVE-2025-30033 HIGH

Siemens Automation License Manager V6.0 - Uncontrolled Search Path Element

Previous Page 9 of 47 Next

Details

Vulnerabilities 1,168

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy