Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-427 (对搜索路径元素未加控制) — Vulnerability Class 538

538 vulnerabilities classified as CWE-427 (对搜索路径元素未加控制). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-4769 CBEWIN Anytxt Searcher ATService.exe uncontrolled search path — Anytxt Searcher 7.0 High2025-05-16
CVE-2025-43553 Substance3D - Modeler | Uncontrolled Search Path Element (CWE-427) — Substance3D - Modeler 7.8 High2025-05-13
CVE-2025-32917 Privilege escalation in jar_signature — Checkmk 7.8AIHighAI2025-05-13
CVE-2025-35471 conda-forge openssl-feedstock writable OPENSSLDIR — openssl-feedstock 7.3 High2025-05-13
CVE-2025-4539 Hainan ToDesk DLL File Parser profapi.dll uncontrolled search path — ToDesk 7.0 High2025-05-11
CVE-2025-4532 Shanghai Bairui Information Technology SunloginClient sunlogin_guard.exe uncontrolled search path — SunloginClient 7.0 High2025-05-11
CVE-2025-4525 Discord WINSTA.dll uncontrolled search path — Discord 7.0 High2025-05-10
CVE-2025-4455 Patch My PC Home Updater System.IO uncontrolled search path — Home Updater 7.0 High2025-05-09
CVE-2025-4272 Mechrevo Control Console GCUService csCAPI.dll uncontrolled search path — Control Console 7.0 High2025-05-05
CVE-2025-23177 Ribbon Communications - CWE-427: Uncontrolled Search Path Element — Apollo 9608 7.6 High2025-04-29
CVE-2025-2769 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability — NetDrive 7.8 -2025-04-23
CVE-2025-2768 Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability — NetDrive 7.8 -2025-04-23
CVE-2024-12530 Insecure Dynamic-Link Library (DLL) Load vulnerability — Secure Content Manager 7.8AIHighAI2025-04-17
CVE-2025-32780 BleachBit for Windows Has DLL Untrusted Path Vulnerability — bleachbit 7.3 High2025-04-15
CVE-2025-29817 Microsoft Power Automate Desktop Information Disclosure Vulnerability — Power Automate for Desktop 5.7 Medium2025-04-15
CVE-2025-29803 Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability — SQL Server Management Studio 20.2 7.3 High2025-04-12
CVE-2025-2630 DLL Hijacking Vulnerability in NI LabVIEW — LabVIEW 7.3 High2025-04-09
CVE-2025-2629 DLL Hijacking Vulnerability in NI LabVIEW When Loading NI Error Reporting — LabVIEW 7.3 High2025-04-09
CVE-2025-29802 Visual Studio Elevation of Privilege Vulnerability — Microsoft Visual Studio 2022 version 17.10 7.3 High2025-04-08
CVE-2025-22458 Ivanti Endpoint Manager 代码问题漏洞 — Endpoint Manager 7.8 High2025-04-08
CVE-2024-11859 DLL Search Order Hijacking in ESET products for Windows — ESET NOD32 Antivirus 6.5AIMediumAI2025-04-07
CVE-2025-3051 Linux::Statm::Tiny for Perl allows untrusted code to be included from the current working directory — Linux::Statm::Tiny 8.8 -2025-04-01
CVE-2025-30673 Sub::HandlesVia for Perl allows untrusted code to be included from the current working directory — Sub::HandlesVia 8.8 -2025-04-01
CVE-2025-30672 Mite for Perl generates code with an untrusted search path vulnerability — Mite 7.8 -2025-04-01
CVE-2025-26631 Visual Studio Code Elevation of Privilege Vulnerability — Visual Studio Code 7.3 High2025-03-11
CVE-2025-25003 Visual Studio Elevation of Privilege Vulnerability — Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) 7.3 High2025-03-11
CVE-2025-24998 Visual Studio Elevation of Privilege Vulnerability — Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) 7.3 High2025-03-11
CVE-2024-10930 Carrier Block Load Privilege Escalation — Block Load 7.8 -2025-03-04
CVE-2025-1804 Blizzard Battle.Net profapi.dll uncontrolled search path — Battle.Net 7.0 High2025-03-01
CVE-2024-55898 IBM i privilege escalation — i 8.5 High2025-02-24

Vulnerabilities classified as CWE-427 (对搜索路径元素未加控制) represent 538 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.