Fallos del tipo CWE-427

842 resultados
CVE-2023-3252MEDIUMArbitrary File WriteEPSS 0.6%CVE-2017-20018MEDIUMXAMPP Installer uncontrolled search pathEPSS 0.6%CVE-2021-38469CRITICALAUVESY VersiondogEPSS 0.6%CVE-2025-30248HIGHDLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary EPSS 0.6%CVE-2025-29803HIGHVisual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2023-41790HIGHTraversal Path on PHP fileEPSS 0.6%CVE-2021-30360Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an aEPSS 0.6%CVE-2020-3535HIGHCisco Webex Teams Client for Windows DLL Hijacking VulnerabilityEPSS 0.6%CVE-2021-3613OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if preEPSS 0.5%CVE-2024-5292HIGHD-Link Network Assistant Uncontrolled Search Path Element Local Privilege Escalation VulnerabilityEPSS 0.5%CVE-2017-12313An untrusted search path (aka DLL Preload) vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, lEPSS 0.5%CVE-2023-31210HIGHPrivilege escalation in agent via LD_LIBRARY_PATHEPSS 0.5%CVE-2024-48605HIGHAn issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the lack of proper validation of the wowEPSS 0.5%CVE-2017-20051MEDIUMInnoSetup Installer uncontrolled search pathEPSS 0.5%CVE-2021-32466An uncontrolled search path element privilege escalation vulnerability in Trend Micro HouseCall for Home Networks version 5.3.1225 and belowEPSS 0.5%CVE-2024-5509HIGHLuxion KeyShot BIP File Parsing Uncontrolled Search Path Element Remote Code Execution VulnerabilityEPSS 0.5%CVE-2025-26631HIGHVisual Studio Code Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2019-3881Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations undeEPSS 0.5%CVE-2023-28380HIGHUncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enableEPSS 0.5%CVE-2017-5176A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: ConnecteEPSS 0.5%