Weaknesses of type CWE-427
842 resultsCVE-2024-4132HIGHA DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges.EPSS 0.2%CVE-2024-4130HIGHA DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges.EPSS 0.2%CVE-2024-21818MEDIUMUncontrolled search path in some Intel(R) PCM software before version 202311 may allow an authenticated user to potentially enable escalatioEPSS 0.2%CVE-2024-21843MEDIUMUncontrolled search path for some Intel(R) Computing Improvement Program software before version 2.4.0.10654 may allow an authenticated userEPSS 0.2%CVE-2023-40155MEDIUMUncontrolled search path for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalEPSS 0.2%CVE-2026-23741NONEast_coredumper running as root sources ast_debug_tools.conf from /etc/asterisk; potentially leading to privilege escalationEPSS 0.2%CVE-2026-5271MEDIUMPossible to hijack modules in current working directoryEPSS 0.2%CVE-2026-30478HIGHA Dynamic-link Library Injection vulnerability in GatewayGeo MapServer for Windows version 5 allows attackers to escalate privileges via a cEPSS 0.2%CVE-2025-26624MEDIUMLocal Privilege Escalation in Rufus 4.6 and previous versionsEPSS 0.2%CVE-2025-60749HIGHDLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchup_webhelper.exe.EPSS 0.2%CVE-2023-39254MEDIUMDell Update Package (DUP), Versions prior to 4.9.10 contain an Uncontrolled Search Path vulnerability. A malicious user with local access toEPSS 0.2%CVE-2023-29444MEDIUMUncontrolled Search Path Element in PTC's Kepware KEPServerEXEPSS 0.2%CVE-2023-43064HIGHIBM i code executionEPSS 0.2%CVE-2025-11761HIGHHP Client Management Script Library – Security UpdateEPSS 0.2%CVE-2025-4539HIGHHainan ToDesk DLL File Parser profapi.dll uncontrolled search pathEPSS 0.2%CVE-2024-37130HIGHDell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A EPSS 0.2%CVE-2026-7373HIGHMetasploit Pro on Windows: Local Privilege Escalation via OpenSSL Configuration File LoadingEPSS 0.2%CVE-2024-45246HIGHDiebold Nixdorf – CWE-427: Uncontrolled Search Path ElementEPSS 0.2%CVE-2022-32576MEDIUMUncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalaEPSS 0.2%CVE-2022-41982MEDIUMUncontrolled search path element in the Intel(R) VTune(TM) Profiler software before version 2023.0 may allow an authenticated user to potentEPSS 0.2%