Weaknesses of type CWE-427
842 resultsCVE-2025-35471HIGHconda-forge openssl-feedstock writable OPENSSLDIREPSS 0.2%CVE-2024-32938MEDIUMUncontrolled search path for some Intel(R) MPI Library for Windows software before version 2021.13 may allow an authenticated user to potentEPSS 0.2%CVE-2024-21830MEDIUMUncontrolled search path in some Intel(R) VPL software before version 2023.4.0 may allow an authenticated user to potentially enable escalatEPSS 0.2%CVE-2024-24852MEDIUMUncontrolled search path in some Intel(R) Ethernet Adapter Complete Driver Pack install before versions 29.1 may allow an authenticated userEPSS 0.2%CVE-2023-28745MEDIUMUncontrolled search path in Intel(R) QSFP+ Configuration Utility software, all versions, may allow an authenticated user to potentially enabEPSS 0.2%CVE-2022-34396HIGH
Dell OpenManage Server Administrator (OMSA) version 10.3.0.0 and earlier contains a DLL Injection Vulnerability. A local low privileged autEPSS 0.2%CVE-2023-25779MEDIUMUncontrolled search path element in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user EPSS 0.2%CVE-2024-22346HIGHIBM i privilege escalationEPSS 0.2%CVE-2024-22167HIGHSanDisk PrivateAccess DLL Hijacking VulnerabilityEPSS 0.2%CVE-2025-71178HIGHCrucial Storage Executive < 11.08.082025.00 Installer DLL Preloading LPEEPSS 0.2%CVE-2024-21837MEDIUMUncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user EPSS 0.2%CVE-2024-21814MEDIUMUncontrolled search path for some Intel(R) Chipset Device Software before version 10.1.19444.8378 may allow an authenticated user to potentiEPSS 0.2%CVE-2024-21862MEDIUMUncontrolled search path in some Intel(R) Quartus(R) Prime Standard Edition Design software before version 23.1 may allow an authenticated uEPSS 0.2%CVE-2022-43703—Incomplete verification of installation file signatureEPSS 0.2%CVE-2024-33581HIGHA DLL hijack vulnerability was reported in Lenovo PC Manager AI intelligent scenario that could allow a local attacker to execute code with EPSS 0.2%CVE-2024-33579HIGHA DLL hijack vulnerability was reported in Lenovo Baiying that could allow a local attacker to execute code with elevated privileges.EPSS 0.2%CVE-2024-33582HIGHA DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privilegEPSS 0.2%CVE-2024-33580HIGHA DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges.EPSS 0.2%CVE-2025-13051CRITICALWindows service used an uncontrolled search path element will cause unauthorized code execution with localsystem privilegesEPSS 0.2%CVE-2025-2769HIGHBdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation VulnerabilityEPSS 0.2%