Falhas do tipo CWE-427
842 resultadosCVE-2022-38101MEDIUMUncontrolled search path in some Intel(R) NUC Chaco Canyon BIOS update software before version iFlashV Windows 5.13.00.2105 may allow an autEPSS 0.2%CVE-2022-41998MEDIUMUncontrolled search path in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation ofEPSS 0.2%CVE-2022-33921HIGHDell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privilege attacker could potentially exploit thEPSS 0.2%CVE-2025-59889HIGHImproper authentication of library files in the Eaton IPP software installer could lead to arbitrary code execution of an attacker with the EPSS 0.2%CVE-2024-45246HIGHDiebold Nixdorf – CWE-427: Uncontrolled Search Path ElementEPSS 0.2%CVE-2022-43474MEDIUMUncontrolled search path for the DSP Builder software installer before version 22.4 for Intel(R) FPGAs Pro Edition may allow an authenticateEPSS 0.2%CVE-2022-41693MEDIUMUncontrolled search path in the Intel(R) Quartus(R) Prime Pro edition software before version 22.3 may allow an authenticated user to potentEPSS 0.2%CVE-2022-41628MEDIUMUncontrolled search path element in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1EPSS 0.2%CVE-2022-34848MEDIUMUncontrolled search path for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enablEPSS 0.2%CVE-2024-34016MEDIUMLocal privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (WindoEPSS 0.2%CVE-2022-41982MEDIUMUncontrolled search path element in the Intel(R) VTune(TM) Profiler software before version 2023.0 may allow an authenticated user to potentEPSS 0.2%CVE-2022-26028MEDIUMUncontrolled search path in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially EPSS 0.2%CVE-2025-48496MEDIUMEmerson ValveLink Products Uncontrolled Search Path ElementEPSS 0.2%CVE-2024-2637HIGHInsecure Loading of Code in B&R ProductsEPSS 0.2%CVE-2024-33672HIGHAn issue was discovered in Veritas NetBackup before 10.4. The Multi-Threaded Agent used in NetBackup can be leveraged to perform arbitrary fEPSS 0.2%CVE-2024-2208HIGHSound Research SECOMN64 Escalation of PrivilegeEPSS 0.2%CVE-2025-66835HIGHTrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the useEPSS 0.2%CVE-2025-1804HIGHBlizzard Battle.Net profapi.dll uncontrolled search pathEPSS 0.2%CVE-2024-57964HIGHInsecure Loading of Dynamic Link Libraries in HVAC Energy Saving ProgramEPSS 0.2%CVE-2024-57963HIGHInsecure Loading of Dynamic Link Libraries in USB-CONVERTERCABLE DRIVEREPSS 0.2%