Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-427 (对搜索路径元素未加控制) — Vulnerability Class 539

539 vulnerabilities classified as CWE-427 (对搜索路径元素未加控制). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-55898 IBM i privilege escalation — i 8.5 High2025-02-24
CVE-2025-1223 An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data — Secure Access Client for Mac 7.1 -2025-02-20
CVE-2024-57964 Insecure Loading of Dynamic Link Libraries in HVAC Energy Saving Program — HVAC Energy Saving Program 7.3 High2025-02-18
CVE-2024-57963 Insecure Loading of Dynamic Link Libraries in USB-CONVERTERCABLE DRIVER — USB-CONVERTERCABLE DRIVER 7.3 High2025-02-18
CVE-2023-31361 AMD Integrated Management Technology 安全漏洞 — AIM-T (AMD Integrated Management Technology) software 7.3 High2025-02-11
CVE-2025-24039 Visual Studio Code Elevation of Privilege Vulnerability — Visual Studio Code 7.3 High2025-02-11
CVE-2025-21206 Visual Studio Installer Elevation of Privilege Vulnerability — Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) 7.3 High2025-02-11
CVE-2024-53977 Siemens ModelSim和Siemens Questa 代码问题漏洞 — ModelSim 6.7 Medium2025-02-11
CVE-2024-2658 Local privilege escalation in FlexNet Publisher — FlexNet Publisher 7.8 -2025-01-30
CVE-2024-9499 Uncontrolled search path can lead to DLL hijacking in USBXpress Win 98SE Dev Kit installer — USBXpress Win 98SE Dev Kit 8.6 High2025-01-24
CVE-2024-9498 Uncontrolled search path can lead to DLL hijacking in USBXpress SDK installer — USBXpress SDK 8.6 High2025-01-24
CVE-2024-9497 Uncontrolled search path can lead to DLL hijacking in USBXpress 4 SDK installer — USBXpress 4 SDK 8.6 High2025-01-24
CVE-2024-9496 Uncontrolled search path can lead to DLL hijacking in USBXpress Dev Kit installer — USBXpress Dev Kit 8.6 High2025-01-24
CVE-2024-9495 Uncontrolled search path can lead to DLL hijacking in CP210x VCP Windows installer — CP210x VCP Windows 8.6 High2025-01-24
CVE-2024-9494 Uncontrolled search path can lead to DLL hijacking in CP210 VCP Win 2k installer — CP210 VCP Win 2k 8.6 High2025-01-24
CVE-2024-9493 Uncontrolled search path can lead to DLL hijacking in ToolStick installer — ToolStick 8.6 High2025-01-24
CVE-2024-9492 Uncontrolled search path can lead to DLL hijacking in Flash Programming Utility installer — Flash Programming Utility 8.6 High2025-01-24
CVE-2024-9491 Uncontrolled search path can lead to DLL hijacking in Configuration Wizard 2 installer — Configuration Wizard 2 8.6 High2025-01-24
CVE-2024-9490 Uncontrolled search path can lead to DLL hijacking in Silicon Labs IDE installer — Silicon Labs IDE (8-bit) 8.6 High2025-01-24
CVE-2024-41739 IBM Cognos Dashboards on Cloud Pak for Data privilege escalation — Cognos Dashboards on Cloud Pak for Data 8.8 High2025-01-24
CVE-2025-21127 Photoshop Desktop | Uncontrolled Search Path Element (CWE-427) — Photoshop Desktop 7.8 High2025-01-14
CVE-2025-0069 DLL Hijacking vulnerability in SAPSetup — SAPSetup 7.8 High2025-01-14
CVE-2024-55540 Acronis Cyber Protect 代码问题漏洞 — Acronis Cyber Protect 16 7.8 -2025-01-02
CVE-2024-55543 Acronis Cyber Protect 代码问题漏洞 — Acronis Cyber Protect 16 7.8 -2025-01-02
CVE-2024-55955 Trend Micro Deep Security 安全漏洞 — Trend Micro Deep Security 6.7 Medium2024-12-31
CVE-2022-27595 QVPN Device Client — QVPN Windows 7.8 High2024-12-19
CVE-2024-47576 DLL Hijacking vulnerability in SAP Product Lifecycle Costing — SAP Product Lifecycle Costing 3.3 Low2024-12-10
CVE-2024-9852 Malicious Code Execution Vulnerability in GENESIS64, ICONICS Suite, Hyper Historian, MC Works64, and GENESIS32 — GENESIS64 7.8 High2024-11-28
CVE-2024-8299 Malicious Code Execution Vulnerability in GENESIS64, ICONICS Suite, Hyper Historian, MC Works64, and GENESIS32 — GENESIS64 7.8 High2024-11-28
CVE-2024-7253 NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability — NoMachine 7.8 -2024-11-22

Vulnerabilities classified as CWE-427 (对搜索路径元素未加控制) represent 539 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.