ReportizFlow
Filtered by vendor
Subscriptions
Total
424 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-3640 | 2026-04-15 | N/A | ||
| An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executable and run it as a System user. A threat actor needs admin privileges to exploit this vulnerability. | ||||
| CVE-2020-37037 | 1 Avast | 2 Secureline, Secureline Vpn | 2026-04-15 | 7.8 High |
| Avast SecureLine 5.5.522.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account permissions during service startup. | ||||
| CVE-2020-37045 | 1 Veritas | 2 Netbackup, Netbackup Firmware | 2026-04-15 | 7.8 High |
| Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that would execute with elevated LocalSystem privileges. | ||||
| CVE-2019-25281 | 1 Ncp-e | 1 Ncp Secure Entry Client | 2026-04-15 | 7.8 High |
| NCP Secure Entry Client 9.2 contains an unquoted service path vulnerability in multiple Windows services that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted paths in services like ncprwsnt, rwsrsu, ncpclcfg, and NcpSec to inject malicious code that would execute with LocalSystem privileges during service startup. | ||||
| CVE-2021-47879 | 1 Luidia | 1 Ebeam Interactive Suite | 2026-04-15 | 7.8 High |
| eBeam Interactive Suite 3.6 contains an unquoted service path vulnerability in the eBeam Stylus Driver service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Luidia\eBeam Stylus Driver\ to inject malicious executables that would run with LocalSystem permissions. | ||||
| CVE-2024-36321 | 2026-04-15 | 7.3 High | ||
| Unquoted search path within AIM-T Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrary code execution. | ||||
| CVE-2020-36934 | 1 Microsoft | 1 Windows | 2026-04-15 | 7.8 High |
| Deep Instinct Windows Agent 1.2.24.0 contains an unquoted service path vulnerability in the DeepNetworkService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\HP Sure Sense\DeepNetworkService.exe to inject malicious code that would execute with LocalSystem permissions during service startup. | ||||
| CVE-2019-25345 | 1 Realtek | 1 Rtk Iis Codec Service | 2026-04-15 | 7.8 High |
| Realtek IIS Codec Service 6.4.10041.133 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in the service configuration to inject malicious executables and escalate privileges on the system. | ||||
| CVE-2025-60320 | 1 Memoq | 1 Memoq | 2026-04-15 | 6.7 Medium |
| memoQ 10.1.13.ef1b2b52aae and earlier contains an unquoted service path vulnerability in the memoQ Auto Update Service (memoQauhlp101). The affected service is installed with a path containing spaces and without surrounding quotes. This misconfiguration allows local users to escalate privileges to SYSTEM by placing a malicious executable at C:\Program.exe. | ||||
| CVE-2024-58288 | 2 Genexus, Microsoft | 2 Protection Server, Windows | 2026-04-15 | N/A |
| Genexus Protection Server 9.7.2.10 contains an unquoted service path vulnerability in the protsrvservice Windows service configuration. Attackers can exploit the unquoted binary path to execute arbitrary code with elevated LocalSystem privileges by placing malicious executables in specific file system locations. | ||||
| CVE-2020-37099 | 1 Disksavvy | 1 Disksavvy Enterprise | 2026-04-15 | 7.8 High |
| Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe' to inject malicious executables and escalate privileges. | ||||
| CVE-2020-36935 | 1 Kmspico | 1 Service Kmseldi | 2026-04-15 | 7.8 High |
| KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the Service KMSELDI configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\KMSpico\Service_KMS.exe to inject malicious executables and escalate privileges. | ||||
| CVE-2025-14018 | 2026-04-15 | 7.3 High | ||
| Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura allows Leveraging/Manipulating Configuration File Search Paths, Redirect Access to Libraries.This issue affects e-Fatura: before 1.2.15. | ||||
| CVE-2025-24831 | 2026-04-15 | N/A | ||
| Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. | ||||
| CVE-2020-36952 | 1 Iobit | 2 Iobit Unlocker, Uninstaller | 2026-04-15 | 7.8 High |
| IObit Uninstaller 10 Pro contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path in the IObit Uninstaller Service to insert malicious code that would execute with SYSTEM-level permissions during service startup. | ||||
| CVE-2019-25292 | 1 Alps | 1 Hid Monitor Service | 2026-04-15 | 7.8 High |
| Alps HID Monitor Service 8.1.0.10 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\Apoint2K\HidMonitorSvc.exe to inject malicious executables and gain system-level access. | ||||
| CVE-2020-36953 | 1 Minitool | 1 Shadowmaker | 2026-04-15 | 7.8 High |
| MiniTool ShadowMaker 3.2 contains an unquoted service path vulnerability in the MTAgentService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\MiniTool ShadowMaker\AgentService.exe' to inject malicious executables and escalate privileges. | ||||
| CVE-2024-4031 | 2026-04-15 | 4.4 Medium | ||
| Unquoted Search Path or Element vulnerability in Logitech MEVO WEBCAM APP on Windows allows Local Execution of Code. | ||||
| CVE-2020-36957 | 1 Pdfcomplete | 1 Pdf Complete | 2026-04-15 | 7.8 High |
| PDF Complete 3.5.310.2002 contains an unquoted service path vulnerability in its pdfsvc.exe service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges. | ||||
| CVE-2020-36976 | 1 Acer | 1 Global Registration Service | 2026-04-15 | 7.8 High |
| Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its service configuration that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Acer\Registration\ to inject malicious executables that would run with elevated LocalSystem privileges during service startup. | ||||