VYPR

CWE-427: Uncontrolled Search Path Element

Abstraction: Base · Status: Draft

Description

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-38 · CAPEC-471

CVEs mapped to this weakness (377)

page 8 of 19
  • CVE-2017-2287 · High · Aug 2, 2017
    risk 0.51 · cvss 7.8 · epss 0.01

    Untrusted search path vulnerability in NFC Port Software remover Ver.1.3.0.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-2286 · High · Aug 2, 2017
    risk 0.51 · cvss 7.8 · epss 0.01

    Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and…

  • CVE-2017-1000010 · High · Jul 17, 2017
    risk 0.51 · cvss 7.8 · epss 0.02

    Audacity 2.1.2 through 2.3.2 is vulnerable to DLL hijacking in avformat-55.dll, resulting in arbitrary code execution.

  • CVE-2017-2210 · High · Jun 9, 2017
    risk 0.51 · cvss 7.8 · epss 0.01

    Untrusted search path vulnerability in PatchJGD (PatchJGD101.EXE) ver. 1.0.1 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-3013 · High · Apr 12, 2017
    risk 0.51 · cvss 7.8 · epss 0.03

    Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging.

  • CVE-2017-3012 · High · Apr 12, 2017
    risk 0.51 · cvss 7.8 · epss 0.03

    Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin.

  • CVE-2017-6033 · High · Apr 7, 2017
    risk 0.51 · cvss 7.8 · epss 0.01

    A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. The software will execute a malicious file if it is named the same as a legitimate file and placed in a location that is earlier in…

  • CVE-2025-10089 · High · Nov 18, 2025
    risk 0.50 · cvss 7.7 · epss 0.00

    Uncontrolled Search Path Element Vulnerability in Setting and Operation Application for Lighting Control System MILCO.S Setting Application all versions, MILCO.S Setting Application (IR) all versions, MILCO.S Easy Setting Application (IR) all versions, and MILCO.S Easy Switch…

  • CVE-2025-53395 · High · Aug 4, 2025
    risk 0.50 · cvss 7.7 · epss 0.00

    Paramount Macrium Reflect through 2025-06-26 allows local attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx backup file and a malicious VSSSvr.dll located in the same directory. When a user with administrative privileges mounts a backup by…

  • CVE-2025-53394 · High · Aug 4, 2025
    risk 0.50 · cvss 7.7 · epss 0.00

    Paramount Macrium Reflect through 2025-06-26 allows attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx or .mrbax backup file and a renamed executable placed in the same directory. When a user with administrative privileges opens the crafted…

  • CVE-2025-7472 · High · Jul 17, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    A local privilege escalation vulnerability in the Intercept X for Windows installer prior to version 1.22 can lead to a local user gaining system-level privileges if the installer is run as SYSTEM.

  • CVE-2025-23177 · High · Apr 29, 2025
    risk 0.49 · cvss 7.6 · epss 0.00

    CWE-427: Uncontrolled Search Path Element

  • CVE-2016-4526 · High · Sep 19, 2016
    risk 0.49 · cvss 7.5 · epss 0.00

    ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory.

  • CVE-2026-47937 · High · Jun 9, 2026
    risk 0.48 · cvss 7.4 · epss 0.00

    Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a…

  • CVE-2026-2713 · High · Mar 10, 2026
    risk 0.48 · cvss 7.4 · epss 0.00

    IBM Trusteer Rapport installer 3.5.2309.290 could allow a local attacker to execute arbitrary code on the system, caused by a DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could…

  • CVE-2026-41567 · High · Jun 5, 2026
    risk 0.47 · cvss 7.2 · epss 0.00

    Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via `PUT /containers/{id}/archive` or piped through `docker cp -`, the daemon resolves decompression binaries…

  • CVE-2026-50033 · High · Jun 3, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.

  • CVE-2026-44682 · High · Jun 3, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.

  • CVE-2026-44609 · High · Jun 3, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.

  • CVE-2026-34488 · High · Apr 23, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    IP Setting Software contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges.