CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Related To CWE-427

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2023-22947 427 2023-01-11 2023-01-23
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED ** Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt (rather than C:\Program Files) by default. NOTE: the vendor disputes the significance of this report, stating that "We consider the ACLs a best effort thing" and "it was a documentation mistake."
2 CVE-2023-0247 427 2023-01-12 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
Uncontrolled Search Path Element in GitHub repository bits-and-blooms/bloom prior to 3.3.1.
3 CVE-2022-46330 427 Exec Code 2022-12-21 2023-01-04
0.0
None ??? ??? ??? ??? ??? ???
Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.
4 CVE-2022-45422 427 2022-11-21 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
When LG SmartShare is installed, local privilege escalation is possible through DLL Hijacking attack. The LG ID is LVE-HOT-220005.
5 CVE-2022-44939 427 Exec Code 2023-01-06 2023-01-12
0.0
None ??? ??? ??? ??? ??? ???
Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL.
6 CVE-2022-44744 427 2022-11-07 2022-11-08
0.0
None ??? ??? ??? ??? ??? ???
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.
7 CVE-2022-43751 427 Exec Code 2022-11-23 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges.
8 CVE-2022-43722 427 2022-12-13 2022-12-15
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that requires this DLL. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.
9 CVE-2022-43310 427 2022-11-09 2022-11-15
0.0
None ??? ??? ??? ??? ??? ???
An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569 allows attackers to escalate privileges when searching for DLL libraries without specifying an absolute path.
10 CVE-2022-42945 427 Exec Code 2022-12-19 2022-12-28
0.0
None ??? ??? ??? ??? ??? ???
DWG TrueView™ 2023 version has a DLL Search Order Hijacking vulnerability. Successful exploitation by a malicious attacker could result in remote code execution on the target system.
11 CVE-2022-40978 427 2022-09-19 2022-09-21
0.0
None ??? ??? ??? ??? ??? ???
The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijacking.
12 CVE-2022-40746 427 Exec Code 2022-11-21 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236581.
13 CVE-2022-39846 427 Exec Code 2022-09-09 2022-09-21
0.0
None ??? ??? ??? ??? ??? ???
DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code.
14 CVE-2022-38633 427 Exec Code 2022-09-13 2022-09-17
0.0
None ??? ??? ??? ??? ??? ???
Genymotion Desktop v3.2.1 was discovered to contain a DLL hijacking vulnerability which allows attackers to escalate privileges and execute arbitrary code via a crafted binary.
15 CVE-2022-38395 427 2022-12-12 2022-12-15
0.0
None ??? ??? ??? ??? ??? ???
HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up.
16 CVE-2022-36924 427 2022-11-17 2022-11-22
0.0
None ??? ??? ??? ??? ??? ???
The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user.
17 CVE-2022-36840 427 Exec Code 2022-08-05 2022-10-27
0.0
None ??? ??? ??? ??? ??? ???
DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code.
18 CVE-2022-36415 427 2022-07-23 2022-08-01
0.0
None ??? ??? ??? ??? ??? ???
A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:\Windows\Temp\ folder, and then the uninstaller is run as SYSTEM, the DLLs will execute with elevated privileges.
19 CVE-2022-36380 427 2022-11-11 2022-11-16
0.0
None ??? ??? ??? ??? ??? ???
Uncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.
20 CVE-2022-36314 427 2022-12-22 2023-01-03
0.0
None ??? ??? ??? ??? ??? ???
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This bug only affects Firefox for Windows. Other operating systems are unaffected. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1.
21 CVE-2022-36271 427 2022-09-07 2022-09-12
0.0
None ??? ??? ??? ??? ??? ???
Outbyte PC Repair Installation File 1.7.112.7856 is vulnerable to Dll Hijacking. iertutil.dll is missing so an attacker can use a malicious dll with same name and can get admin privileges.
22 CVE-2022-34902 427 Exec Code 2022-07-18 2022-07-27
0.0
None ??? ??? ??? ??? ??? ???
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Desktop Control Agent service. The service loads Qt plugins from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-15787.
23 CVE-2022-34901 427 Exec Code 2022-07-18 2022-07-27
0.0
None ??? ??? ??? ??? ??? ???
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. The service executes files from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16137.
24 CVE-2022-34900 427 Exec Code 2022-07-18 2022-07-27
0.0
None ??? ??? ??? ??? ??? ???
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Dispatcher service. The service loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-15213.
25 CVE-2022-34825 427 Exec Code 2022-11-08 2022-11-09
0.0
None ??? ??? ??? ??? ??? ???
Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.
26 CVE-2022-34235 427 2022-08-11 2022-08-13
0.0
None ??? ??? ??? ??? ??? ???
Adobe Premiere Elements version 2020v20 (and earlier) is affected by an Uncontrolled Search Path Element which could lead to Privilege Escalation. An attacker could leverage this vulnerability to obtain admin using an existing low-privileged user. Exploitation of this issue does not require user interaction.
27 CVE-2022-34101 427 Exec Code 2022-09-13 2022-09-18
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and perform a privilege escalation attack.
28 CVE-2022-33921 427 Exec Code 2022-10-12 2022-10-14
0.0
None ??? ??? ??? ??? ??? ???
Dell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.
29 CVE-2022-33037 427 Exec Code 2022-06-29 2022-07-08
4.4
None Local Medium Not required Partial Partial Partial
A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to execute arbitrary code via a crafted .exe file.
30 CVE-2022-33036 427 Exec Code 2022-06-29 2022-07-08
4.4
None Local Medium Not required Partial Partial Partial
A binary hijack in Embarcadero Dev-CPP v6.3 allows attackers to execute arbitrary code via a crafted .exe file.
31 CVE-2022-33035 427 2022-06-29 2022-07-08
7.2
None Local Low Not required Complete Complete Complete
XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.
32 CVE-2022-32498 427 Exec Code Bypass 2022-07-21 2022-07-30
0.0
None ??? ??? ??? ??? ??? ???
Dell EMC PowerStore, Versions prior to v3.0.0.0 contain a DLL Hijacking vulnerability in PSTCLI. A local attacker can potentially exploit this vulnerability to execute arbitrary code, escalate privileges, and bypass software allow list solutions, leading to system takeover or IP exposure.
33 CVE-2022-32223 427 2022-07-14 2022-10-28
0.0
None ??? ??? ??? ??? ??? ???
Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms. This vulnerability can be exploited if the victim has the following dependencies on a Windows machine: OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf” exists. Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory. After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows. It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability.
34 CVE-2022-32168 427 2022-09-28 2022-09-29
0.0
None ??? ??? ??? ??? ??? ???
Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++.
35 CVE-2022-31694 427 2022-11-18 2022-11-22
0.0
None ??? ??? ??? ??? ??? ???
InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an attacker to plant a malicious DLL in the installer parent directory to allow executing code with the privileges of the installer (when the popup triggers the loading of the library). Exploiting this type of vulnerability generally requires that an attacker has access to a vulnerable machine to plant the malicious DLL.
36 CVE-2022-31467 427 Exec Code 2022-05-23 2022-06-02
4.4
None Local Medium Not required Partial Partial Partial
A DLL hijacking vulnerability in the installer for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restricting the search path for required DLLs and then not verifying the signature of the DLLs it tries to load.
37 CVE-2022-30744 427 Exec Code 2022-06-07 2022-06-13
4.4
None Local Medium Not required Partial Partial Partial
DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code.
38 CVE-2022-30701 427 Exec Code 2022-05-27 2022-06-08
7.2
None Local Low Not required Complete Complete Complete
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
39 CVE-2022-30696 427 2022-05-16 2022-05-24
4.4
None Local Medium Not required Partial Partial Partial
Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3640.
40 CVE-2022-30548 427 2022-11-11 2022-11-17
0.0
None ??? ??? ??? ??? ??? ???
Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to potentially enable escalation of privilege via local access.
41 CVE-2022-29580 427 Exec Code Bypass 2022-12-13 2022-12-15
0.0
None ??? ??? ??? ??? ??? ???
There exists a path traversal vulnerability in the Android Google Search app. This is caused by the incorrect usage of uri.getLastPathSegment. A symbolic encoded string can bypass the path logic to get access to unintended directories. An attacker can manipulate paths that could lead to code execution on the device. We recommend upgrading beyond version 13.41.
42 CVE-2022-29187 427 2022-07-12 2022-12-14
6.9
None Local Medium Not required Complete Complete Complete
Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.
43 CVE-2022-29092 427 +Priv 2022-06-10 2022-06-17
7.2
None Local Low Not required Complete Complete Complete
Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. A non-admin user can exploit the vulnerability and gain admin access to the system.
44 CVE-2022-28792 427 Exec Code 2022-05-03 2022-05-11
4.4
None Local Medium Not required Partial Partial Partial
DLL hijacking vulnerability in Gear IconX PC Manager prior to version 2.1.220405.51 allows attacker to execute arbitrary code. The patch adds proper absolute path to prevent dll hijacking.
45 CVE-2022-28779 427 Exec Code 2022-04-11 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code.
46 CVE-2022-28766 427 2022-11-17 2022-11-22
0.0
None ??? ??? ??? ??? ??? ???
Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of the Zoom client.
47 CVE-2022-28714 427 2022-05-05 2022-05-12
4.4
None Local Medium Not required Partial Partial Partial
On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, a DLL Hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
48 CVE-2022-28696 427 2022-08-18 2022-08-22
0.0
None ??? ??? ??? ??? ??? ???
Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
49 CVE-2022-28541 427 Exec Code 2022-04-11 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission.
50 CVE-2022-28394 427 2022-05-27 2022-06-08
6.9
None Local Medium Not required Complete Complete Complete
EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Please note that this was reported on an EOL version of the product, and users are advised to upgrade to the latest supported version (5.x).
Total number of vulnerabilities: 409 (this is page 1 of 9)