ReportizFlow
Filtered by vendor
Subscriptions
Total
424 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-47896 | 1 Pdfcomplete | 1 Pdf Complete Corporate Edition | 2026-04-15 | 7.8 High |
| PDF Complete Corporate Edition 4.1.45 contains an unquoted service path vulnerability in the pdfcDispatcher service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in the service binary location to inject malicious executables that will be run with elevated LocalSystem privileges. | ||||
| CVE-2020-37030 | 1 Getoutline | 1 Outline | 2026-04-15 | 7.8 High |
| Outline Service 1.3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in C:\Program Files (x86)\Outline to inject malicious code that would execute with LocalSystem permissions during service startup. | ||||
| CVE-2021-47803 | 1 I-funbox | 1 Ifunbox | 2026-04-15 | 7.8 High |
| iFunbox 4.2 contains an unquoted service path vulnerability in the Apple Mobile Device Service that allows local attackers to execute code with elevated privileges. Attackers can insert a malicious executable into the unquoted service path to run with LocalSystem privileges when the service restarts. | ||||
| CVE-2021-47804 | 1 Wisecleaner | 1 Wise Care 365 | 2026-04-15 | 7.8 High |
| Wise Care 365 5.6.7.568 contains an unquoted service path vulnerability in the WiseBootAssistant service running with LocalSystem privileges. Attackers can exploit this by inserting a malicious executable in the service path, which will execute with elevated system privileges when the service restarts. | ||||
| CVE-2021-47828 | 2 Microsoft, Weird Solutions | 2 Windows, Bootpturbo | 2026-04-15 | 7.8 High |
| BOOTP Turbo 2.0.0.1253 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to execute arbitrary code with elevated LocalSystem privileges during system startup or reboot. | ||||
| CVE-2023-54338 | 1 Tftpd32 | 1 Tftpd32 | 2026-04-15 | 8.4 High |
| Tftpd32 SE 4.60 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be run with system-level permissions. | ||||
| CVE-2022-50914 | 1 Easeus | 1 Data Recovery | 2026-04-15 | 8.4 High |
| EaseUS Data Recovery 15.1.0.0 contains an unquoted service path vulnerability in the EaseUS UPDATE SERVICE executable. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges. | ||||
| CVE-2020-36981 | 1 Motorola-device-manager | 1 Motorola Device Manager | 2026-04-15 | 7.8 High |
| Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in ForwardDaemon.exe to inject malicious code that will execute with elevated system privileges during service startup. | ||||
| CVE-2020-36959 | 1 Idt | 1 Idt Audio | 2026-04-15 | 7.8 High |
| IDT PC Audio 1.0.6499.0 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the STacSV service to inject malicious code that would execute with LocalSystem account permissions during service startup. | ||||
| CVE-2025-57227 | 2 Kingosoft, Root | 2 Kingo Root, Root | 2026-04-15 | 7.8 High |
| An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to escalate privileges via placing a crafted executable file into a parent folder. | ||||
| CVE-2025-12507 | 2 Bizerba, Microsoft | 2 Communication Server, Windows | 2026-04-15 | 8.8 High |
| The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed. | ||||
| CVE-2021-47859 | 2 Actividentity, Hid Global | 2 Activclient Cac, Actividentity | 2026-04-15 | 7.8 High |
| ActivIdentity 8.2 contains an unquoted service path vulnerability in the ac.sharedstore service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\Common Files\ActivIdentity\ to inject malicious executables and escalate privileges. | ||||
| CVE-2024-4031 | 2026-04-15 | 4.4 Medium | ||
| Unquoted Search Path or Element vulnerability in Logitech MEVO WEBCAM APP on Windows allows Local Execution of Code. | ||||
| CVE-2022-50918 | 1 Vive | 1 Runtime Service | 2026-04-15 | 8.4 High |
| VIVE Runtime Service 1.0.0.4 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path by placing malicious executables in specific system directories to gain LocalSystem access during service startup. | ||||
| CVE-2020-37101 | 2 Keepsolid, Vpnunlimitedapp | 2 Vpn Unlimited, Vpn Unlimited | 2026-04-15 | 7.8 High |
| VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\VPN Unlimited\' to replace the service executable and gain elevated system privileges. | ||||
| CVE-2022-50929 | 1 Connectify | 1 Connectify Hotspot | 2026-04-15 | 8.4 High |
| Connectify Hotspot 2018 contains an unquoted service path vulnerability in its ConnectifyService executable that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Connectify\ConnectifyService.exe' to inject malicious executables and escalate privileges. | ||||
| CVE-2025-5191 | 2 Microsoft, Moxa | 5 Windows, Drp-a100, Drp-c100 and 2 more | 2026-04-15 | N/A |
| An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems. | ||||
| CVE-2020-36984 | 1 Epson | 1 Senadb | 2026-04-15 | 7.8 High |
| EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\ to inject malicious executables that will run with LocalSystem permissions. | ||||
| CVE-2020-36985 | 2 Gearboxcomputers, Panasonic | 2 Ip Watcher, Kw Watcher | 2026-04-15 | 7.8 High |
| IP Watcher 3.0.0.30 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with elevated LocalSystem privileges during service startup. | ||||
| CVE-2022-50930 | 1 Emerson | 1 Pac Machine Edition | 2026-04-15 | 8.4 High |
| Emerson PAC Machine Edition 9.80 contains an unquoted service path vulnerability in the TrapiServer service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem permissions during service startup. | ||||