Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-427 (对搜索路径元素未加控制) — Vulnerability Class 539

539 vulnerabilities classified as CWE-427 (对搜索路径元素未加控制). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-9016 Mechrevo Control Center GX V2 Powershell Script Command uncontrolled search path — Control Center GX V2 7.0 High2025-08-15
CVE-2025-9000 Mechrevo Control Center GX V2 reg File uncontrolled search path — Control Center GX V2 7.0 High2025-08-15
CVE-2025-49571 Substance3D - Modeler | Uncontrolled Search Path Element (CWE-427) — Substance3D - Modeler 7.8 High2025-08-12
CVE-2025-30033 Siemens多款产品 代码问题漏洞 — Automation License Manager V6.0 7.8 High2025-08-12
CVE-2025-25011 Beats Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows Installer — Beats 7.0 High2025-07-30
CVE-2025-0712 APM Server Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows Installer — APM Server 7.0 High2025-07-30
CVE-2025-7676 DLL hijacking of all PE32 executables on Windows 11 for ARM CPUs — Windows 11 7.8AIHighAI2025-07-28
CVE-2024-13976 Commvault 11.20.0 - 11.36.0 Windows Maintenance Installer DLL Injection — Commvault for Windows 7.3 -2025-07-25
CVE-2025-7427 Uncontrolled Search Path Element in Arm Development Studio before 2025 — Development Studio 7.8 -2025-07-22
CVE-2025-1729 Lenovo TrackPoint Quick Menu 安全漏洞 — TrackPoint Quick Menu 6.7 Medium2025-07-17
CVE-2025-1700 Motorola Software Fix 安全漏洞 — Software Fix 7.0 High2025-07-17
CVE-2025-7472 Sophos Intercept X 安全漏洞 — Sophos Intercept X for Windows Installer 7.5 High2025-07-17
CVE-2025-34109 Panda Security PSEvents.exe Insecure DLL Loading Privilege Escalation — Panda Global Protection 2016 7.3AIHighAI2025-07-15
CVE-2025-48496 Emerson ValveLink Products Uncontrolled Search Path Element — ValveLink SOLO 5.1 Medium2025-07-10
CVE-2025-36004 IBM i privilege escalation — i 8.8 High2025-06-25
CVE-2025-4981 Path Traversal Leading to RCE by Any Authenticated Mattermost User — Mattermost 9.9 Critical2025-06-20
CVE-2024-24916 DLL-HiJacking — Check Point SmartConsole 6.5 Medium2025-06-19
CVE-2025-5981 Arbitrary File write in OSV-SCALIBR — osv-scalibr 6.5AIMediumAI2025-06-18
CVE-2025-49487 Trend Micro Worry-Free Business Security Services 安全漏洞 — Trend Micro Worry-Free Business Security Services 6.8 Medium2025-06-17
CVE-2025-49158 Trend Micro Apex One 安全漏洞 — Trend Micro Apex One 6.7 Medium2025-06-17
CVE-2025-49155 Trend Micro Apex One Data Loss Prevention 安全漏洞 — Trend Micro Apex One 8.8 High2025-06-17
CVE-2025-33122 IBM i privilege escalation — i 7.5 High2025-06-17
CVE-2025-49148 ClipShare Server Allows Local Privilege Escalation via DLL Hijacking — clip_share_server 7.3 High2025-06-11
CVE-2025-5480 Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability — Action1 7.8AIHighAI2025-06-06
CVE-2025-30167 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability — jupyter_core 7.3 High2025-06-03
CVE-2024-42191 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to COM hijacking — HCL Traveler for Microsoft Outlook (HTMO) 6.5 Medium2025-05-30
CVE-2024-42190 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to DLL hijacking — HCL Traveler for Microsoft Outlook (HTMO) 6.5 Medium2025-05-30
CVE-2025-5180 Wondershare Filmora Installer NFWCHK.exe uncontrolled search path — Filmora 7.0 High2025-05-26
CVE-2025-5129 Sangfor 零信任访问控制系统 aTrust MSASN1.dll uncontrolled search path — 零信任访问控制系统 aTrust 7.0 High2025-05-24
CVE-2024-13946 Binary Planting / LoadLibrary DLL's not Signed — ASPECT-Enterprise 6.8 Medium2025-05-22

Vulnerabilities classified as CWE-427 (对搜索路径元素未加控制) represent 539 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.