CWE-427— Uncontrolled Search Path Element

Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injection that can result in local privilege escalation.

XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.

A binary hijack in Embarcadero Dev-CPP v6.3 allows attackers to execute arbitrary code via a crafted .exe file.

A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to execute arbitrary code via a crafted .exe file.

Dell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.

A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack.

Adobe Premiere Elements version 2020v20 (and earlier) is affected by an Uncontrolled Search Path Element which could lead to Privilege Escalation. An attacker could leverage this vulnerability to obtain admin using an existing low-privileg…

Dell OpenManage Server Administrator (OMSA) version 10.3.0.0 and earlier contains a DLL Injection Vulnerability. A local low privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbit…

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arb…

Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and ea…

Uncontrolled search path for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to e…

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order…

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to e…

Outbyte PC Repair Installation File 1.7.112.7856 is vulnerable to Dll Hijacking. iertutil.dll is missing so an attacker can use a malicious dll with same name and can get admin privileges.

When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating syste…

Uncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user …

DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code.

The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM us…

Zoom Rooms for Windows installers before version 5.13.0 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain to escalate their privileges to the SYSTEM user.

Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local access.

A vulnerability was found in a port or fork of Redis. It has been declared as critical. This vulnerability affects unknown code in the library C:/Program Files/Redis/dbghelp.dll. The manipulation leads to uncontrolled search path. The atta…

Uncontrolled search path in some Intel(R) QAT drivers for Windows before version 1.6 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path in some Intel(R) NUC Chaco Canyon BIOS update software before version iFlashV Windows 5.13.00.2105 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ Compiler for Windows and Intel Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to pote…

HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when…

An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to eleva…

Genymotion Desktop v3.2.1 was discovered to contain a DLL hijacking vulnerability which allows attackers to escalate privileges and execute arbitrary code via a crafted binary.

Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.

Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in `jupyter_core` that stems from `jupyter_core` executing untrusted f…

DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code.

IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability. By placing a specially crafted file…

The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijacking

This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.…

Uncontrolled search path in some Intel(R) Network Adapter installer software may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path element in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path in the Intel(R) Quartus(R) Prime Pro edition software before version 22.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Untrusted search path vulnerability in the installer of Content Transfer (for Windows) Ver.1.3 and prior allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Uncontrolled search path element in the Intel(R) VTune(TM) Profiler software before version 2023.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability. Successful exploitation by a malicious attacker could result in remote code execution on the target system.

A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credenti…

An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569 allows attackers to escalate privileges when searching for DLL libraries without specifying an absolute path.

Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable

Uncontrolled search path in some Intel(R) RST software before versions 16.8.5.1014.5, 17.11.3.1010.2, 18.7.6.1011.2 and 19.5.2.1049.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Uncontrolled search path for the DSP Builder software installer before version 22.4 for Intel(R) FPGAs Pro Edition may allow an authenticated user to potentially enable escalation of privilege via local access.

An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.