Falhas do tipo CWE-427

842 resultados
CVE-2021-36216LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection.EPSS 0.4%CVE-2023-0247HIGHUncontrolled Search Path Element in bits-and-blooms/bloomEPSS 0.4%CVE-2024-55898HIGHIBM i privilege escalationEPSS 0.4%CVE-2023-26266HIGHIn AFL++ 4.05c, the CmpLog component uses the current working directory to resolve and execute unprefixed fuzzing targets, allowing code exeEPSS 0.4%CVE-2022-34900HIGHThis vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent. An attacEPSS 0.4%CVE-2021-1237HIGHCisco AnyConnect Secure Mobility Client for Windows DLL Injection VulnerabilityEPSS 0.4%CVE-2022-46330HIGHSquirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. InstaEPSS 0.4%CVE-2022-29580HIGHPath Traversal in Android Google Search AppEPSS 0.4%CVE-2024-1595HIGHDelta Electronics CNCSoft-B DOPSoft Uncontrolled Search Path ElementEPSS 0.4%CVE-2025-69599CRITICALRayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable.EPSS 0.4%CVE-2022-44939HIGHEfs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vuEPSS 0.4%CVE-2022-4956HIGHCaphyon Advanced Installer WinSxS DLL uncontrolled search pathEPSS 0.4%CVE-2025-10939LOWOrg.keycloak/keycloak-quarkus-server: unable to restrict access to the admin consoleEPSS 0.4%CVE-2019-1794MEDIUMCisco Directory Connector Search Order Hijacking VulnerabilityEPSS 0.4%CVE-2023-29011HIGHGit for Windows's config file of `connect.exe` is susceptible to malicious placingEPSS 0.4%CVE-2023-29012HIGHGit CMD erroneously executes `doskey.exe` in the current directory, if it existsEPSS 0.4%CVE-2020-10610In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PIEPSS 0.4%CVE-2019-16001MEDIUMCisco Webex Teams for Windows DLL Hijacking VulnerabilityEPSS 0.4%CVE-2020-13177The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does nEPSS 0.4%CVE-2019-25268HIGHNREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code ExecutionEPSS 0.4%