VYPR

CWE-427

Uncontrolled Search Path Element

Base · Draft

Description

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-38 · CAPEC-471

CVEs mapped to this weakness (377)

page 5 of 19
  • CVE-2025-14498 · High · Dec 23, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    TradingView Desktop Electron Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TradingView Desktop. An attacker must first obtain the ability to execute low-privileged…

  • CVE-2025-13152 · High · Dec 10, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges.

  • CVE-2025-12046 · High · Dec 10, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions.

  • CVE-2025-64772 · High · Dec 1, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    The installer of INZONE Hub 1.0.10.3 to 1.0.17.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.

  • CVE-2025-40827 · High · Nov 11, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    A vulnerability has been identified in Siemens Software Center (All versions < V3.5), Solid Edge SE2025 (All versions < V225.0 Update 10). The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a crafted DLL…

  • CVE-2025-40763 · High · Nov 11, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    A vulnerability has been identified in Altair Grid Engine (All versions < V2026.0.0). Affected products do not properly validate environment variables when loading shared libraries, allowing path hijacking through malicious library substitution. This could allow a local…

  • CVE-2025-60749 · High · Oct 31, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchup_webhelper.exe.

  • CVE-2025-62776 · High · Oct 29, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    The installer of WTW EAGLE (for Windows) 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application.

  • CVE-2025-26861 · High · Oct 15, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    RemoteCall Remote Support Program (for Operator) versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution.

  • CVE-2025-26860 · High · Oct 15, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    RemoteCall Remote Support Program (for Operator) versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution.

  • CVE-2025-26859 · High · Oct 15, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution.

  • CVE-2025-57781 · High · Oct 6, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    The installers of DENSO TEN drive recorder viewer contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.

  • CVE-2025-11223 · High · Oct 3, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    Installer of Panasonic AutoDownloader version 1.2.8 contains an issue with the DLL search path, which may lead to loading a crafted DLL file in the same directory.

  • CVE-2025-57624 · High · Sep 16, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    A DLL hijacking vulnerability in CYRISMA Agent before 444 allows local users to escalate privileges and execute arbitrary code via multiple DLLs.

  • CVE-2025-9201 · High · Sep 11, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    A potential DLL hijacking vulnerability was discovered in Lenovo Browser during an internal security assessment that could allow a local user to execute code with elevated privileges.

  • CVE-2025-30033 · High · Aug 12, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.

  • CVE-2025-43950 · High · Apr 22, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    DPMAdirektPro 4.1.5 is vulnerable to DLL Hijacking. It happens by placing a malicious DLL in a directory (in the absence of a legitimate DLL), which is then loaded by the application instead of the legitimate DLL. This causes the malicious DLL to load with the same privileges as…

  • CVE-2024-48091 · High · Feb 7, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    Tally Prime Edit Log v2.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL.

  • CVE-2024-53588 · High · Jan 23, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    A DLL hijacking vulnerability in iTop VPN v16.0 allows attackers to execute arbitrary code via placing a crafted DLL file into the path \ProgramData\iTop VPN\Downloader\vpn6.

  • CVE-2025-0069 · High · Jan 14, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user's Windows account could gain higher privileges. With this, he could move laterally within the network and further compromise the active…