Weaknesses of type CWE-427
842 resultsCVE-2024-4089HIGHA DLL hijack vulnerability was reported in Lenovo Super File that could allow a local attacker to execute code with elevated privileges.EPSS 0.2%CVE-2024-4132HIGHA DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges.EPSS 0.2%CVE-2024-42492MEDIUMUncontrolled search path element in some BIOS and System Firmware Update Package for Intel(R) Server M50FCP family before version R01.02.000EPSS 0.2%CVE-2024-21841MEDIUMUncontrolled search path for some Intel(R) Distribution for GDB software before version 2024.0 may allow an authenticated user to potentiallEPSS 0.2%CVE-2026-5271MEDIUMPossible to hijack modules in current working directoryEPSS 0.2%CVE-2026-23741NONEast_coredumper running as root sources ast_debug_tools.conf from /etc/asterisk; potentially leading to privilege escalationEPSS 0.2%CVE-2023-40155MEDIUMUncontrolled search path for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalEPSS 0.2%CVE-2026-30478HIGHA Dynamic-link Library Injection vulnerability in GatewayGeo MapServer for Windows version 5 allows attackers to escalate privileges via a cEPSS 0.2%CVE-2025-26624MEDIUMLocal Privilege Escalation in Rufus 4.6 and previous versionsEPSS 0.2%CVE-2023-43064HIGHIBM i code executionEPSS 0.2%CVE-2025-4539HIGHHainan ToDesk DLL File Parser profapi.dll uncontrolled search pathEPSS 0.2%CVE-2023-29444MEDIUMUncontrolled Search Path Element in PTC's Kepware KEPServerEXEPSS 0.2%CVE-2025-60749HIGHDLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchup_webhelper.exe.EPSS 0.2%CVE-2023-39254MEDIUMDell Update Package (DUP), Versions prior to 4.9.10 contain an Uncontrolled Search Path vulnerability. A malicious user with local access toEPSS 0.2%CVE-2025-11761HIGHHP Client Management Script Library – Security UpdateEPSS 0.2%CVE-2024-37130HIGHDell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A EPSS 0.2%CVE-2026-7373HIGHMetasploit Pro on Windows: Local Privilege Escalation via OpenSSL Configuration File LoadingEPSS 0.2%CVE-2022-33921HIGHDell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privilege attacker could potentially exploit thEPSS 0.2%CVE-2025-59889HIGHImproper authentication of library files in the Eaton IPP software installer could lead to arbitrary code execution of an attacker with the EPSS 0.2%CVE-2022-32576MEDIUMUncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalaEPSS 0.2%