Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-428

CWE-428

Unquoted Search Path or Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

418 vulnerabilities with CWE-428

CVE-2021-43454 HIGH

AnyTXT Searcher <1.2.394 - Buffer Overflow

CVE-2021-45819 MEDIUM

Wordline HIDCCEMonitorSVC <5.2.4.3 - Privilege Escalation

CVE-2021-46368 HIGH

TRIGONE Remote System Monitor <3.61 - Privilege Escalation

CVE-2021-29218 MEDIUM

HPE Agentless Mgmt Svcs <1.44.0.0 - Privilege Escalation

CVE-2021-45460 HIGH

Siemens Sicam PQ Analyzer Firmware < 3.18 - Denial of Service

CVE-2021-25269 MEDIUM

Sophos Intercept X Advanced <2.0.23 - Privilege Escalation

CVE-2021-23197 MEDIUM

Gallagher Command Centre <8.50.2048 - RCE

CVE-2021-33095 HIGH

Intel(R) NUC M15 Laptop Kit Keyboard LED Service <1.0.0.4 - Privile...

CVE-2021-42563 HIGH

NI Service Locator <18.0 - Privilege Escalation

CVE-2021-35231 MEDIUM

Kiwi Syslog Server - Privilege Escalation

CVE-2021-40683 HIGH

Akamai EAA Client <2.3.1-2.5.3 - Path Traversal

CVE-2021-35056 MEDIUM

Unisys Stealth <5.1.025.0, <6.0.055.0 - Info Disclosure

CVE-2021-35469 HIGH

Lexmark Printer Software - Privilege Escalation

CVE-2021-0112 HIGH

Intel Unite(R) Client <4.2.25031 - Privilege Escalation

CVE-2021-31776 HIGH

Aviatrix VPN Client < 2.14.14 - Privilege Escalation

CVE-2021-31553 MEDIUM

Mediawiki < 1.35.2 - Denial of Service

CVE-2021-27608 HIGH

SAPSetup <9.0 - Privilege Escalation

CVE-2021-23879 MEDIUM

McAfee Endpoint Product Removal <21.2 - RCE

CVE-2021-21292 MEDIUM

Traccar <4.12 - Privilege Escalation

CVE-2020-37102 HIGH

Adaware Web Companion 4.9.2159 - Code Injection

CVE-2020-37101 HIGH

VPN Unlimited 6.1 - Code Injection

CVE-2020-37100 HIGH

Sync Breeze Enterprise 12.4.18 - Code Injection

CVE-2020-37099 HIGH

Disk Savvy Enterprise 12.3.18 - Code Injection

CVE-2020-37098 HIGH

Disk Sorter Enterprise <12.4.16 - Code Injection

CVE-2020-37064 HIGH

EPSON EasyMP Network Projection 2.81 - Code Injection

Previous Page 10 of 17 Next

Details

Vulnerabilities 418

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy