Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-428

CWE-428

Unquoted Search Path or Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

418 vulnerabilities with CWE-428

CVE-2024-58315 HIGH

Tosibox Key Service 3.3.0 - Privilege Escalation

CVE-2024-58288 HIGH

Genexus Protection Server 9.7.2.10 - Code Injection

CVE-2024-36321 HIGH

AIM-T Manageability Service - Privilege Escalation

CVE-2024-57276 HIGH

Electronic Arts Dragon Age Origins 1.05 - Privilege Escalation

CVE-2024-9287 HIGH

Python < 3.9.21 - Command Injection

CVE-2024-9325 HIGH

Intelbras InControl <2.21.56 - Unquoted Search Path

CVE-2024-8996 HIGH

Grafana Agent < 0.43.2 - Privilege Escalation

CVE-2024-8975 HIGH

Grafana Alloy < 1.3.3 - Privilege Escalation

CVE-2024-43457 HIGH

Microsoft Windows Setup and Deployment - Elevation of Privilege

CVE-2024-5963 MEDIUM

Hitachi Device Manager <8.8.7-00 - Buffer Overflow

CVE-2024-31201 MEDIUM

Proges Thermoscan IP - Privilege Escalation

CVE-2024-5402 HIGH

Mint Workbench I <5868 - Privilege Escalation

CVE-2024-6080 HIGH

Intelbras InControl <2.21.56 - Unquoted Search Path

CVE-2024-2747 HIGH

Schneider-electric Easergy Studio < 9.3.3 - Privilege Escalation

CVE-2024-31226 MEDIUM

Sunshine <0.22.2 - Info Disclosure

CVE-2024-3640 HIGH

Rockwell Automation FactoryTalk Remote Access - RCE

CVE-2024-4461 HIGH

SugarSync <4.1.3 - Privilege Escalation

CVE-2024-34010 HIGH

Acronis - Privilege Escalation

CVE-2024-31804 MEDIUM

Terratec DMX_6Fire USB <1.23.0.02 - Privilege Escalation

CVE-2024-4031 MEDIUM

Logitech MEVO WEBCAM APP - RCE

CVE-2024-22437 HIGH

HPE MSA - Privilege Escalation

CVE-2024-1618 HIGH

Faronics Deep Freeze Server <8.30.020.4627 - Local Privilege Escala...

CVE-2024-25552 HIGH

Product <Version - Privilege Escalation

CVE-2024-24722 CRITICAL

12d Synergy <5.1.5.221 - Privilege Escalation

CVE-2024-1201 HIGH

Panterasoft Hdd Health < 4.2.0.112 - Privilege Escalation

Previous Page 3 of 17 Next

Details

Vulnerabilities 418

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy