VYPR

CWE-427

Uncontrolled Search Path Element

Base · Draft

Description

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-38 · CAPEC-471

CVEs mapped to this weakness (377)

page 16 of 19
  • CVE-2024-21841 · Med · May 16, 2024
    risk 0.44 · cvss 6.7 · epss 0.00

    Uncontrolled search path for some Intel(R) Distribution for GDB software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2024-21818 · Med · May 16, 2024
    risk 0.44 · cvss 6.7 · epss 0.00

    Uncontrolled search path in some Intel(R) PCM software before version 202311 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2024-21774 · Med · May 16, 2024
    risk 0.44 · cvss 6.7 · epss 0.00

    Uncontrolled search path in some Intel(R) Processor Identification Utility software before versions 6.10.34.1129, 7.1.6 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-43751 · Med · May 16, 2024
    risk 0.44 · cvss 6.7 · epss 0.00

    Uncontrolled search path in Intel(R) Graphics Command Center Service bundled in some Intel(R) Graphics Windows DCH driver software before versions 31.0.101.3790/31.0.101.2114 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-40155 · Med · May 16, 2024
    risk 0.44 · cvss 6.7 · epss 0.00

    Uncontrolled search path for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-39929 · Med · May 16, 2024
    risk 0.44 · cvss 6.7 · epss 0.00

    Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2017-12313 · Med · Nov 16, 2017
    risk 0.44 · cvss 6.7 · epss 0.01

    An untrusted search path (aka DLL Preload) vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the…

  • CVE-2017-6417 · Med · Mar 21, 2017
    risk 0.44 · cvss 6.7 · epss 0.01

    Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject…

  • CVE-2017-5567 · Med · Mar 21, 2017
    risk 0.44 · cvss 6.7 · epss 0.01

    Code injection vulnerability in Avast Premier 12.3 (and earlier), Internet Security 12.3 (and earlier), Pro Antivirus 12.3 (and earlier), and Free Antivirus 12.3 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full…

  • CVE-2017-5566 · Med · Mar 21, 2017
    risk 0.44 · cvss 6.7 · epss 0.01

    Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG Internet Security 17.1 (and earlier), and AVG AntiVirus FREE 17.1 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any AVG process via…

  • CVE-2017-5565 · Med · Mar 21, 2017
    risk 0.44 · cvss 6.7 · epss 0.01

    Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any…

  • CVE-2025-11772 · Med · Dec 1, 2025
    risk 0.43 · cvss 6.6 · epss 0.00

    A carefully crafted DLL, copied to C:\ProgramData\Synaptics folder, allows a local user to execute arbitrary code with elevated privileges during driver installation.

  • CVE-2025-3051 · Med · Apr 1, 2025
    risk 0.42 · cvss 6.5 · epss 0.00

    Linux::Statm::Tiny for Perl before 0.0701 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially…

  • CVE-2025-30673 · Med · Apr 1, 2025
    risk 0.42 · cvss 6.5 · epss 0.00

    Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially…

  • CVE-2025-30672 · Med · Apr 1, 2025
    risk 0.42 · cvss 6.5 · epss 0.00

    Mite for Perl before 0.013000 generates code with the current working directory ('.') added to the @INC path similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to…

  • CVE-2024-34016 · Med · Sep 16, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235.

  • CVE-2024-50583 · Med · Oct 25, 2024
    risk 0.41 · cvss 6.3 · epss 0.00

    Whale browser Installer before 3.1.0.0 allows an attacker to execute a malicious DLL in the user environment due to improper permission settings.

  • CVE-2026-32323 · Hig · May 19, 2026
    risk 0.40 · cvss 7.3 · epss 0.00

    Mullvad VPN is a VPN client app for desktop and mobile. When using macOS with versions 2026.1 and below, Mullvad VPN may allow local privilege escalation during installation or upgrade. The installer package executes binaries from /Applications/Mullvad VPN.app without verifying…

  • CVE-2026-44995 · Hig · May 11, 2026
    risk 0.40 · cvss 7.3 · epss 0.00

    OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server configuration that allows attackers to execute arbitrary code. Malicious workspace configurations can pass dangerous startup variables like NODE_OPTIONS, LD_PRELOAD,…

  • CVE-2025-49144 · Hig · Jun 23, 2025
    risk 0.40 · cvss 7.3 · epss 0.00

    Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker…