Weaknesses of type CWE-427
842 resultsCVE-2026-5397HIGHVulnerability Related to an Uncontrolled Search Path Element in a UPS Management ApplicationEPSS 0.1%CVE-2025-26404MEDIUMUncontrolled search path for some Intel(R) DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalEPSS 0.1%CVE-2025-27717MEDIUMUncontrolled search path for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable escalation of privEPSS 0.1%CVE-2025-20092MEDIUMUncontrolled search path for some Clock Jitter Tool software before version 6.0.1 may allow an authenticated user to potentially enable escaEPSS 0.1%CVE-2026-1636MEDIUMA potential DLL hijacking vulnerability was reported in Lenovo Service Bridge that, under certain conditions, could allow a local authenticaEPSS 0.1%CVE-2026-4545HIGHFlos Freeware Notepad2 PROPSYS.dll uncontrolled search pathEPSS 0.1%CVE-2026-10847HIGHLocal Privilege Escalation vulnerability in Check Point Identity Agent Full for Windows OSEPSS 0.1%CVE-2025-10089HIGHMalicious Code Execution Vulnerability in Setting and Operation Application for Lighting Control System MILCO.SEPSS 0.1%CVE-2026-44612HIGHBytello Share (Windows Edition) installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL EPSS 0.1%CVE-2025-0712HIGHAPM Server Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows InstallerEPSS 0.1%CVE-2025-12852HIGHDLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to causeEPSS 0.1%CVE-2025-54519HIGHA DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary coEPSS 0.1%CVE-2025-40763HIGHA vulnerability has been identified in Altair Grid Engine (All versions < V2026.0.0). Affected products do not properly validate environmentEPSS 0.1%CVE-2026-6788HIGHUncontrolled search path in PluginLauncher allows SYSTEM code execution in WatchGuard AgentEPSS 0.1%CVE-2024-6510HIGHLocal privilege escalation vulnerability in AVG Internet SecurityEPSS 0.1%CVE-2025-20050MEDIUMUncontrolled search path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escEPSS 0.1%CVE-2025-24842MEDIUMUncontrolled search path for the Intel(R) System Support Utility before version 4.1.0 within Ring 3: User Applications may allow an escalatiEPSS 0.1%CVE-2025-21093MEDIUMUncontrolled search path element for some Intel(R) Driver & Support Assistant Tool software before version 24.6.49.8 may allow an authenEPSS 0.1%CVE-2024-36333HIGHA DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arEPSS 0.1%CVE-2024-47091MEDIUMPrivilege escalation via mk_mysql agent plugin on WindowsEPSS 0.1%