Flaws of type CWE-426

281 results
CVE-2016-10009 (HIGH): Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKC [EPSS 37.4%]
CVE-2012-1854 (HIGH): Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basi [EPSS 21.0%, KEV]
CVE-2022-22047 (HIGH): Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability [EPSS 18.9%, KEV]
CVE-2010-3190 (HIGH): Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio [EPSS 9.0%]
CVE-2024-26198 (HIGH): Microsoft Exchange Server Remote Code Execution Vulnerability [EPSS 6.8%]
CVE-2022-41953 (HIGH): Git clone remote code execution vulnerability in git-for-windows [EPSS 6.8%]
CVE-2023-30330 (CRITICAL): SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion in the function /se/v42300/generic/gn_defau [EPSS 5.9%]
CVE-2023-36778 (HIGH): Microsoft Exchange Server Remote Code Execution Vulnerability [EPSS 3.7%]
CVE-2018-10904 (HIGH): It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by [EPSS 3.0%]
CVE-2023-36003 (MEDIUM): XAML Diagnostics Elevation of Privilege Vulnerability [EPSS 2.8%]
CVE-2024-13158 (HIGH): An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allow [EPSS 2.8%]
CVE-2023-36780 (HIGH): Skype for Business Remote Code Execution Vulnerability [EPSS 2.6%]
CVE-2025-23266 (CRITICAL): NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could [EPSS 2.5%]
CVE-2019-5429: Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's hom [EPSS 2.5%]
CVE-2011-4125: A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivileged users to execute a [EPSS 2.2%]
CVE-2023-26031 (HIGH): Privilege escalation in Apache Hadoop Yarn container-executor binary on Linux systems [EPSS 2.1%]
CVE-2022-24826 (CRITICAL): Git LFS can execute a binary from the current directory on Windows [EPSS 2.1%]
CVE-2024-21435 (HIGH): Windows OLE Remote Code Execution Vulnerability [EPSS 2.0%]
CVE-2023-41766 (HIGH): Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability [EPSS 1.3%]
CVE-2019-6826: A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execut [EPSS 1.2%]