Falhas do tipo CWE-427

842 resultados
CVE-2022-41141HIGHThis vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the EPSS 0.4%CVE-2022-23410AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe wEPSS 0.4%CVE-2023-1745MEDIUMKMPlayer SHFOLDER.dll uncontrolled search pathEPSS 0.4%CVE-2018-5457A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions EPSS 0.4%CVE-2025-30672MEDIUMMite for Perl generates code with an untrusted search path vulnerabilityEPSS 0.4%CVE-2023-44437HIGHAshlar-Vellum Cobalt Uncontrolled Search Path Element Remote Code Execution VulnerabilityEPSS 0.4%CVE-2025-30673MEDIUMSub::HandlesVia for Perl allows untrusted code to be included from the current working directoryEPSS 0.4%CVE-2025-3051MEDIUMLinux::Statm::Tiny for Perl allows untrusted code to be included from the current working directoryEPSS 0.4%CVE-2025-22458HIGHDLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to EPSS 0.4%CVE-2024-8441MEDIUMAn uncontrolled search path in the agent of Ivanti EPM before 2022 SU6, or the 2024 September update allows a local authenticated attacker wEPSS 0.4%CVE-2019-6858A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX Configurator (Software Version prior to V1.0.8.1), which could cause EPSS 0.4%CVE-2019-3613MEDIUMDLL search order hijacking in MAEPSS 0.4%CVE-2026-0776HIGHDiscord Client Uncontrolled Search Path Element Local Privilege Escalation VulnerabilityEPSS 0.4%CVE-2023-49114MEDIUMLocal Privilege Escalation via DLL HijackingEPSS 0.4%CVE-2024-5929HIGHVIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation VulnerabilityEPSS 0.4%CVE-2017-12314A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attacEPSS 0.4%CVE-2024-10930HIGHCarrier Block Load Privilege EscalationEPSS 0.4%CVE-2022-29092HIGHDell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versionEPSS 0.4%CVE-2024-7193MEDIUMMp3tag DLL tak_deco_lib.dll uncontrolled search pathEPSS 0.4%CVE-2024-7253HIGHNoMachine Uncontrolled Search Path Element Local Privilege Escalation VulnerabilityEPSS 0.4%