CWE-427 (对搜索路径元素未加控制) — Vulnerability Class 538

538 vulnerabilities classified as CWE-427 (对搜索路径元素未加控制). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-22450	Dell Alienware Command Center 代码问题漏洞 — Alienware Command Center (AWCC)	7.4	High	2024-04-10
CVE-2024-22346	IBM i privilege escalation — i	8.4	High	2024-03-14
CVE-2024-22167	SanDisk PrivateAccess DLL Hijacking Vulnerability — PrivateAccess Windows App	7.9	High	2024-03-13
CVE-2024-0670	Privilege escalation in windows agent — Checkmk	8.8	High	2024-03-11
CVE-2024-20338	Cisco Secure Client 安全漏洞 — Cisco Secure Client	7.3	High	2024-03-06
CVE-2023-39254	Dell Update Package（DUP）Framework 代码问题漏洞 — DUP Framework	6.7	Medium	2024-03-01
CVE-2024-1595	Delta Electronics CNCSoft-B DOPSoft Uncontrolled Search Path Element — CNCSoft-B v1.0.0.4 DOPSoft	7.8	High	2024-02-29
CVE-2023-6132	AVEVA Edge products Uncontrolled Search Path Element — AVEVA Edge	7.3	High	2024-02-29
CVE-2023-49114	Local Privilege Escalation via DLL Hijacking — VMS Client Viewer	6.7	-	2024-02-26
CVE-2023-6740	Privilege escalation in jar_signature — Checkmk	8.8	High	2024-01-12
CVE-2023-29445	Uncontrolled Search Path Element in PTC's Kepware KEPServerEX — Kepware KEPServerEX	7.8	High	2024-01-10
CVE-2023-29444	Uncontrolled Search Path Element in PTC's Kepware KEPServerEX — Kepware KEPServerEX	6.3	Medium	2024-01-10
CVE-2023-6338	Lenovo Universal Device Client 代码问题漏洞 — Universal Device Client (UDC)	7.8	High	2024-01-03
CVE-2023-43064	IBM i code execution — i	7.0	High	2023-12-25
CVE-2023-6891	PeaZip Library dragdropfilesdll.dll uncontrolled search path — PeaZip	5.3	Medium	2023-12-17
CVE-2023-31210	Privilege escalation in agent via LD_LIBRARY_PATH — Checkmk	8.8	High	2023-12-13
CVE-2023-48677	Acronis Cyber Protect 代码问题漏洞 — Acronis Cyber Protect Home Office	7.3^AI	High^AI	2023-12-12
CVE-2023-6401	NotePad++ dbghelp.exe uncontrolled search path — NotePad++	5.3	Medium	2023-11-30
CVE-2023-4770	Uncontrolled Search Path Element Vulnerability in 4D and 4D Windows Server — 4D.exe	6.5	Medium	2023-11-30
CVE-2023-4931	Uncontrolled search path element vulnerability in Plesk — Plesk Installer	6.3	Medium	2023-11-27
CVE-2023-41790	Traversal Path on PHP file — Pandora FMS	7.6	High	2023-11-23
CVE-2023-41787	Arbitrary File Read — Pandora FMS	6.0	Medium	2023-11-23
CVE-2023-6235	Arbitrary code execution in Duet Display — Duet Display for Windows 10+	7.8	High	2023-11-21
CVE-2023-22818	Multiple DLL Search Order hijacking Vulnerabilities in SanDisk Security Installer for Windows — SanDisk Security Installer for Windows	7.3	High	2023-11-15
CVE-2023-4632	Lenovo System Update 代码问题漏洞 — Lenovo System Update	7.8	High	2023-11-08
CVE-2023-47113	DLL Search Order Hijacking vulnerability in BleachBit for Windows — bleachbit	7.3	High	2023-11-08
CVE-2023-0898	Uncontrolled Search Path Element in GE MiCOM S1 Agile — MiCOM S1 Agile	5.3	Medium	2023-11-07
CVE-2023-31027	CVE — NVIDIA GPU Display driver, vGPU driver, and Cloud gaming driver	8.2	High	2023-11-02
CVE-2023-31016	CVE — NVIDIA GPU Display driver, vGPU driver, and Cloud gaming driver	7.3	High	2023-11-02
CVE-2023-44220	SonicWall NetExtender Windows client 安全漏洞 — NetExtender	7.8	-	2023-10-27

Vulnerabilities classified as CWE-427 (对搜索路径元素未加控制) represent 538 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-427 (对搜索路径元素未加控制) — Vulnerability Class 538