Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-427 (对搜索路径元素未加控制) — Vulnerability Class 538

538 vulnerabilities classified as CWE-427 (对搜索路径元素未加控制). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-0025 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability — Cortex XDR Agent 6.7 Medium2022-05-11
CVE-2021-34606 XINJE XD/E Series PLC Program Tool DLL Hijacking — XD/E Series PLC Program Tool 7.3 High2022-05-11
CVE-2021-42743 Local privilege escalation via a default path in Splunk Enterprise Windows — Splunk Enterprise 8.8 High2022-05-06
CVE-2022-28714 F5 BIG-IP 代码问题漏洞 — BIG-IP APM 7.3 High2022-05-05
CVE-2021-20051 SonicWall Global VPN Client 代码问题漏洞 — SonicWall Global VPN Client 7.8 -2022-05-04
CVE-2022-28792 Gear IconX PC Manager 代码问题漏洞 — Gear IconX PC Manager 6.2 Medium2022-05-03
CVE-2022-0192 Lenovo PCManager 代码问题漏洞 — PCManager 7.3 High2022-04-22
CVE-2022-23449 Siemens SIMATIC 代码问题漏洞 — SIMATIC Energy Manager Basic 7.3 -2022-04-12
CVE-2022-24765 Uncontrolled search for the Git directory in Git for Windows — git 6.0 Medium2022-04-12
CVE-2022-28779 Samsung Android USB Driver 代码问题漏洞 — Samsung Android USB Driver windows installer 5.3 Medium2022-04-11
CVE-2022-1098 Delta Electronics DIAEnergie Uncontrolledly Search Path Element — DIAEnergie 7.8 High2022-04-01
CVE-2022-24426 多款Dell产品代码问题漏洞 — Dell Command Update (DCU) 7.8 High2022-04-01
CVE-2022-22996 SanDisk Professional G-RAID 4/8 Software Utility, Privilege Escalation — G-RAID 4/8 Software Utility 7.8 High2022-03-30
CVE-2020-25182 Rockwell Automation ISaGRAF5 Runtime Uncontrolled Search Path Element — ISaGRAF Runtime 6.7 Medium2022-03-18
CVE-2022-26511 KINGSOFT WPS Presentation 代码问题漏洞 — WPS Presentation 7.8 -2022-03-17
CVE-2022-26081 KINGSOFT Installer of WPS Office 代码问题漏洞 — The installer of WPS Office 7.8 -2022-03-17
CVE-2022-25969 KINGSOFT Installer of WPS Office 代码问题漏洞 — The installer of WPS Office 7.8 -2022-03-17
CVE-2022-23401 Yokogawa Exaopc 代码问题漏洞 — CENTUM CS 3000 7.8 -2022-03-11
CVE-2022-23202 Adobe Creative Cloud Desktop Uncontrolled Search Path Element Arbitrary code execution — Creative Cloud (desktop component) 7.0 High2022-02-16
CVE-2021-43940 Atlassian Confluence Server 代码问题漏洞 — Confluence Server 7.3 -2022-02-15
CVE-2022-23410 AXIS IP Utility 代码问题漏洞 — AXIS IP Utility 7.8 -2022-02-14
CVE-2022-0483 Local privilege escalation due to insecure folder permissions — Acronis VSS Doctor 7.8 -2022-02-11
CVE-2022-22528 SAP Adaptive Server Enterprise 代码问题漏洞 — SAP Adaptive Server Enterprise 7.8 -2022-02-09
CVE-2021-44206 Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service — Acronis Cyber Protect Home Office 7.3 -2022-02-04
CVE-2021-44205 Local privilege escalation due to DLL hijacking vulnerability — Acronis Cyber Protect Home Office 7.3 -2022-02-04
CVE-2022-0015 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability — Cortex XDR Agent 7.8 High2022-01-12
CVE-2022-0129 DLL Highjack vulnerability in McAfee TechCheck utility — McAfee TechCheck 7.4 High2022-01-11
CVE-2021-30360 Enterprise Endpoint Security 代码问题漏洞 — Check Point Remote Access Client 7.8 -2022-01-07
CVE-2021-4007 Rapid7 Insight Agent Privilege Escalation — Insight Agent 7.8 High2021-12-14
CVE-2021-20047 SonicWall Global VPN client 代码问题漏洞 — SonicWall Global VPN Client 7.8 -2021-12-08

Vulnerabilities classified as CWE-427 (对搜索路径元素未加控制) represent 538 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.