Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-427 (对搜索路径元素未加控制) — Vulnerability Class 538

538 vulnerabilities classified as CWE-427 (对搜索路径元素未加控制). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-64995 Privilege Escalation via Process Hijacking in 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction — DEX 6.5 Medium2025-12-11
CVE-2025-64994 Privilege Escalation via Uncontrolled Search Path in 1E-Nomad-SetWorkRate instruction — DEX 6.5 Medium2025-12-11
CVE-2025-34421 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAISP.DLL — MailEnable 6.7AIMediumAI2025-12-10
CVE-2025-34417 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAISO.DLL — MailEnable 6.7AIMediumAI2025-12-10
CVE-2025-34419 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAISM.DLL — MailEnable 6.7AIMediumAI2025-12-10
CVE-2025-34416 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAIPO.DLL — MailEnable 6.7AIMediumAI2025-12-10
CVE-2025-34422 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAIPC.DLL — MailEnable 6.7AIMediumAI2025-12-10
CVE-2025-34418 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAIMF.DLL — MailEnable 6.7AIMediumAI2025-12-10
CVE-2025-34424 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAIDP.DLL — MailEnable 6.7AIMediumAI2025-12-10
CVE-2025-34423 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAIAU.DLL — MailEnable 6.7AIMediumAI2025-12-10
CVE-2025-34420 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAIAM.DLL — MailEnable 6.7AIMediumAI2025-12-10
CVE-2025-13152 Lenovo One Client 安全漏洞 — One Client 7.8 High2025-12-10
CVE-2025-12046 Lenovo App Store和Lenovo Browser 安全漏洞 — App Store 7.8 High2025-12-10
CVE-2025-34396 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAINFY.DLL — MailEnable 6.5AIMediumAI2025-12-09
CVE-2025-5469 Dylib Hijacking in Yandex Messenger — Messenger 6.8AIMediumAI2025-12-09
CVE-2025-5471 Dylib Hijacking in Yandex Telemost — Telemost 7.7AIHighAI2025-12-09
CVE-2025-5470 Dylib Hijacking in Yandex Disk — Disk 7.7AIHighAI2025-12-09
CVE-2025-33208 NVIDIA TAO 代码问题漏洞 — TAO 8.8 High2025-12-03
CVE-2025-66476 Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability — vim 7.8 High2025-12-02
CVE-2025-11772 Co-Installer Privilege Escalation — Synaptics Fingerprint Driver 6.6 Medium2025-12-01
CVE-2025-64772 Sony INZONE Hub 代码问题漏洞 — INZONE Hub 7.8AIHighAI2025-12-01
CVE-2025-64695 LogStare Collector 代码问题漏洞 — Installer of LogStare Collector (for Windows) 7.8 -2025-11-21
CVE-2025-13051 Windows service used an uncontrolled search path element will cause unauthorized code execution with localsystem privileges — ABP and AES 7.8AIHighAI2025-11-19
CVE-2025-12852 NEC RakurakuMusen Start EX 安全漏洞 — RakurakuMusen Start EX 7.8AIHighAI2025-11-19
CVE-2025-10089 Malicious Code Execution Vulnerability in Setting and Operation Application for Lighting Control System MILCO.S — MILCO.S Setting Application 7.7 High2025-11-18
CVE-2025-40827 Siemens Software Center和Siemens Solid Edge SE2025 代码问题漏洞 — Siemens Software Center 7.8 High2025-11-11
CVE-2025-40763 Siemens Altair Grid Engine 代码问题漏洞 — Altair Grid Engine 7.8 High2025-11-11
CVE-2025-23358 NVIDIA NVApp 代码问题漏洞 — NVApp 8.2 High2025-11-04
CVE-2025-11761 HP Client Management Script Library – Security Update — HP Client Management Script Library 7.8AIHighAI2025-11-03
CVE-2025-62776 WTW EAGLE 代码问题漏洞 — WTW EAGLE (for Windows) 7.8AIHighAI2025-10-29

Vulnerabilities classified as CWE-427 (对搜索路径元素未加控制) represent 538 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.