CWE-427: CWE-427

This CVE describes a local privilege escalation vulnerability in Palo Alto Networks Cortex XDR agent on Windows. It allows authenticated local Windows...

This vulnerability in Intel NUC M15 Laptop Kit Driver Pack software allows authenticated local users to escalate privileges by exploiting an uncontrol...

This is a DLL hijacking vulnerability in Overwolf's installer that allows attackers to execute arbitrary code with user privileges by placing a malici...

This vulnerability allows attackers to load malicious DLL files via an uncontrolled search path in the OpenSSL component of Bitdefender GravityZone Bu...

CVE-2020-24755 is a DLL hijacking vulnerability in Ubiquiti UniFi Video software that allows attackers to execute arbitrary code by placing malicious ...

This vulnerability allows attackers to replace the NVENC.dll file in Teradici PCoIP Graphics Agent for Windows, enabling pixel data redirection to una...

This vulnerability allows local attackers to escalate privileges by exploiting a DLL search path issue in Lenovo PCManager. Attackers can place malici...

Trend Micro Password Manager 5 (Consumer) has a DLL hijacking vulnerability during installation that allows attackers to place malicious DLLs in insta...

This vulnerability allows attackers to execute arbitrary code on affected systems by exploiting DLL hijacking in Bosch BVMS and related products. It a...

This vulnerability allows attackers to execute arbitrary code on systems running vulnerable versions of the Bosch Video Client installer. Attackers ca...

This vulnerability allows attackers to execute arbitrary code on systems running vulnerable versions of Bosch Monitor Wall installer. Attackers can ac...

This vulnerability allows DLL hijacking in Zoho ManageEngine Desktop Central MSP, enabling attackers to execute arbitrary code with SYSTEM privileges....

This vulnerability in Utimaco SecurityServer allows authenticated non-administrator users to manipulate binaries due to overly permissive file/folder ...

This CVE describes a DLL injection vulnerability in Dell SupportAssist software that allows local low-privileged users to execute arbitrary code with ...

This vulnerability in Intel FPGA OPAE Driver for Linux allows authenticated local users to escalate privileges due to improper conditions checking. It...

CVE-2020-35145 is a local privilege escalation vulnerability in Acronis True Image for Windows, caused by DLL hijacking in multiple components. It all...

A DLL hijacking vulnerability in Trend Micro HouseCall for Home Networks allows local attackers to escalate privileges and execute arbitrary code by p...

This vulnerability allows authenticated local attackers on Windows systems with Cisco AnyConnect Secure Mobility Client to perform DLL injection attac...

OpenClaw versions 2.0.0-beta3 through 2026.2.13 contain a path traversal vulnerability in the hook transform module loading mechanism. Attackers with ...

This CVE describes an uncontrolled search path element vulnerability in Mitsubishi Electric's MILCO.S lighting control system applications. It allows ...

This vulnerability allows local attackers to execute arbitrary code with administrator privileges by tricking a user with admin rights into mounting a...

CVE-2025-23177 is a path traversal vulnerability (CWE-427) that allows attackers to load malicious DLLs or executables from untrusted locations. This ...

This vulnerability allows attackers to manipulate Pandora FMS's configuration file search paths, potentially accessing the server configuration file a...

This vulnerability allows authenticated attackers within the network to replace temporary executable files during SAP Business Objects installation wi...

A local privilege escalation vulnerability in Sophos Intercept X for Windows installer allows local users to gain SYSTEM-level privileges when the ins...

This path traversal vulnerability in Safearchive allows attackers to write arbitrary files during archive extraction by exploiting symbolic links on c...

This vulnerability in Git for Windows allows local authenticated users to place malicious configuration files in C:\etc\connectrc, which Git's connect...

This vulnerability in Go on Windows allows command injection and remote code execution when using 'go get' to fetch modules that use cgo. Attackers ca...

Dell Alienware Command Center versions before 6.2.7.0 have a path traversal vulnerability where local attackers can place malicious files in the appli...

This CVE describes a local privilege escalation vulnerability in Acronis Cyber Protect Cloud Agent for Windows. Attackers can exploit DLL hijacking to...

Dell Repository Manager versions before 3.4.8 have a path traversal vulnerability where attackers with local access can execute arbitrary code and esc...

This vulnerability allows local attackers to escalate privileges on PDF-XChange Editor installations by exploiting an uncontrolled search path element...

A DLL hijacking vulnerability in AMD Doc Nav software allows local attackers to escalate privileges by placing malicious DLLs in directories searched ...

A DLL hijacking vulnerability in AMD's Vivado design suite allows local attackers to escalate privileges by placing malicious DLLs in directories sear...

This vulnerability allows local attackers with initial low-privileged access to escalate privileges by exploiting Discord's insecure file loading mech...

D-Link D-View 8 installer versions 2.0.1.107 and below contain a DLL preloading vulnerability where the installer loads version.dll from its execution...

This vulnerability in NVIDIA Nsight Visual Studio for Windows allows attackers to execute arbitrary code with the same privileges as the Nsight Monito...

MailEnable versions before 10.54 have a DLL hijacking vulnerability where the administrative executable loads MEAINFY.DLL from its directory without p...

This CVE describes a DLL hijacking vulnerability in Acronis True Image products for Windows that allows local attackers to escalate privileges. Attack...

This vulnerability allows non-privileged local users on Windows systems to execute arbitrary code by writing a malicious openssl.cnf configuration fil...

BleachBit for Windows up to version 4.6.2 is vulnerable to DLL hijacking, allowing attackers to execute arbitrary code by placing a malicious uuid.dll...

This vulnerability allows an authorized attacker to exploit an uncontrolled search path element in Visual Studio Tools for Applications and SQL Server...

This DLL hijacking vulnerability in NI LabVIEW allows attackers to execute arbitrary code by placing a malicious DLL in an uncontrolled search path. I...

This vulnerability allows an authenticated attacker with local access to a system running Visual Studio to bypass intended access controls and elevate...

This vulnerability in Visual Studio Code allows an authorized attacker to execute arbitrary code with elevated privileges by exploiting an uncontrolle...

This vulnerability allows an authorized attacker to exploit an uncontrolled search path element in Visual Studio to execute arbitrary code with elevat...

This vulnerability allows an authorized attacker to exploit an uncontrolled search path element in Visual Studio to execute arbitrary code with elevat...

This vulnerability involves insecure DLL loading in the USB-CONVERTERCABLE DRIVER, allowing local attackers to potentially execute arbitrary code or d...

This vulnerability allows local attackers to exploit insecure DLL loading in HVAC Energy Saving Program, potentially leading to information disclosure...

This DLL hijacking vulnerability in AMD Integrated Management Technology (AIM-T) Manageability Service allows attackers to place malicious DLLs in spe...