Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-428

CWE-428

Unquoted Search Path or Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

418 vulnerabilities with CWE-428

CVE-2025-12507 HIGH

Bizerba Communication Server - Code Injection

CVE-2025-60320 MEDIUM

memoQ 10.1.13.ef1b2b52aae - Privilege Escalation

CVE-2025-57227 HIGH

Kingo ROOT <1.5.8.3353 - Privilege Escalation

CVE-2025-12286 HIGH

VeePN <1.6.2 - Unquoted Search Path

CVE-2025-12247 HIGH

Hasleo Backup Suite <5.2 - Path Traversal

CVE-2025-61865 MEDIUM

I-O DATA DEVICE, INC. - Privilege Escalation

CVE-2025-61871 MEDIUM

BUFFALO INC. NAS Navigator2 - Privilege Escalation

CVE-2025-57714 HIGH

NetBak Replicator <4.5.15.0807 - Code Injection

CVE-2025-43993 HIGH

Dell Wireless 5932e Qualcomm Snapdragon X62 Firmware GNSS/GPS Drive...

CVE-2025-54081 MEDIUM

Sunshine <2025.923.33222 - Path Traversal

CVE-2025-9818 MEDIUM

OMRON UPS - Code Injection

CVE-2025-59307 MEDIUM

RAID Manager - Code Injection

CVE-2025-10199 HIGH

Lizardbyte Sunshine - Privilege Escalation

CVE-2025-58400 MEDIUM

RATOC RAID Monitoring Manager - Code Injection

CVE-2025-39246 MEDIUM

HikCentral FocSign - Privilege Escalation

CVE-2025-5191 HIGH

Moxa's industrial computers - Privilege Escalation

CVE-2025-57699 MEDIUM

Western Digital Kitfox - Privilege Escalation

CVE-2025-9043 MEDIUM

Seagate Toolkit <2.34.0.33 - Privilege Escalation

CVE-2025-8070 CRITICAL

ABP and AES - Privilege Escalation

CVE-2025-0035 HIGH

AMD Cloud Manageability Service - Privilege Escalation

CVE-2025-4540 HIGH

MTSoftware C-Lodop <6.6.1.1 - Unquoted Search Path

CVE-2025-1984 MEDIUM

Xerox Desktop Print Experience - Privilege Escalation

CVE-2025-0884 HIGH

OpenText Service Manager <9.72 - Privilege Escalation

CVE-2025-24831 MEDIUM

Acronis Cyber Protect Cloud Agent <39378 - Privilege Escalation

CVE-2025-21107 HIGH

Dell NetWorker <19.11.0.3 - Code Injection

Previous Page 2 of 17 Next

Details

Vulnerabilities 418

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy