VYPR

CWE-427

Uncontrolled Search Path Element

Base · Draft

Description

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-38 · CAPEC-471

CVEs mapped to this weakness (377)

page 10 of 19
  • CVE-2017-5170 · High · Jan 18, 2018
    risk 0.47 · cvss 7.2 · epss 0.01

    An Uncontrolled Search Path Element issue was discovered in Moxa SoftNVR-IA Live Viewer, Version 3.30.3122 and prior versions. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. To exploit this vulnerability, an attacker could rename a…

  • CVE-2017-4987 · High · Jun 19, 2017
    risk 0.47 · cvss 7.3 · epss 0.00

    In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potentially allow the attacker to execute arbitrary code on the targeted VNX Control…

  • CVE-2017-5161 · High · Feb 13, 2017
    risk 0.47 · cvss 7.2 · epss 0.01

    An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this…

  • CVE-2026-44358 · High · May 28, 2026
    risk 0.46 · cvss 8.2 · epss 0.00

    Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspace after copying the fork's checkout into it, creating an untrusted search path…

  • CVE-2025-62628 · High · May 14, 2026
    risk 0.46 · cvss · epss 0.00

    Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged attacker to inject a malicious DLL, potentially resulting in arbitrary code execution.

  • CVE-2026-6421 · High · Apr 17, 2026
    risk 0.46 · cvss 7.0 · epss 0.00

    A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It…

  • CVE-2026-4962 · High · Mar 27, 2026
    risk 0.46 · cvss 7.0 · epss 0.00

    A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack…

  • CVE-2026-4546 · High · Mar 22, 2026
    risk 0.46 · cvss 7.0 · epss 0.00

    A weakness has been identified in Flos Freeware Notepad2 4.2.25. This impacts an unknown function in the library TextShaping.dll. Executing a manipulation can lead to uncontrolled search path. The attack is restricted to local execution. The attack requires a high level of…

  • CVE-2026-4545 · High · Mar 22, 2026
    risk 0.46 · cvss 7.0 · epss 0.00

    A security flaw has been discovered in Flos Freeware Notepad2 4.2.25. This affects an unknown function in the library PROPSYS.dll. Performing a manipulation results in uncontrolled search path. The attack is only possible with local access. The attack is considered to have high…

  • CVE-2026-3787 · High · Mar 8, 2026
    risk 0.46 · cvss 7.0 · epss 0.00

    A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is…

  • CVE-2026-2538 · High · Feb 16, 2026
    risk 0.46 · cvss 7.0 · epss 0.00

    A security flaw has been discovered in Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25. Affected is an unknown function in the library Msimg32.dll. Performing a manipulation results in uncontrolled search path. Attacking locally is a requirement. The attack's complexity is…

  • CVE-2026-2516 · High · Feb 15, 2026
    risk 0.46 · cvss 7.0 · epss 0.00

    A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4. This affects an unknown part in the library SHFOLDER.dll. Such manipulation leads to uncontrolled search path. The attack needs to be performed locally. Attacks of this nature are highly…

  • CVE-2025-15569 · High · Feb 10, 2026
    risk 0.46 · cvss 7.0 · epss 0.00

    A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function get_system_dpi of the file platform/x11/win_main.c. This manipulation causes uncontrolled search path. The attack requires local access. The attack is considered to have high…

  • CVE-2025-71178 · High · Jan 26, 2026
    risk 0.46 · cvss · epss 0.00

    Crucial Storage Executive installer versions prior to 11.08.082025.00 contain a DLL preloading vulnerability. During installation, the installer runs with elevated privileges and loads Windows DLLs using an uncontrolled search path, which can cause a malicious DLL placed…

  • CVE-2025-11940 · High · Oct 19, 2025
    risk 0.46 · cvss 7.0 · epss 0.00

    A security vulnerability has been detected in LibreWolf up to 143.0.4-1 on Windows. This affects an unknown function of the file assets/setup.nsi of the component Installer. Such manipulation leads to uncontrolled search path. The attack must be carried out locally. Attacks of…

  • CVE-2025-9267 · High · Sep 26, 2025
    risk 0.46 · cvss · epss 0.00

    In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2.35.0.6 where it attempts to load DLLs from the current working directory without validating their origin or integrity. This behavior can be exploited by placing a malicious DLL in…

  • CVE-2025-40979 · High · Sep 10, 2025
    risk 0.46 · cvss · epss 0.00

    DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users\AppData\Local\Temp'…

  • CVE-2025-9016 · High · Aug 15, 2025
    risk 0.46 · cvss 7.0 · epss 0.00

    A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to…

  • CVE-2025-9000 · High · Aug 15, 2025
    risk 0.46 · cvss 7.0 · epss 0.00

    A vulnerability was found in Mechrevo Control Center GX V2 5.56.51.48. Affected by this vulnerability is an unknown functionality of the component reg File Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The…

  • CVE-2025-25011 · High · Jul 30, 2025
    risk 0.46 · cvss 7.0 · epss 0.00

    An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete…