CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 4 days ago•23 views

CVE-2016-20094 AnyDesk 2.5.0 Unquoted Service Path Elevation of Privilege

8.5CVSS

EUVD•added 4 days ago•5 views

EUVD-2016-10907

8.5CVSS6.2AI score

CVE•added 4 days ago•11 views

CVE-2016-20094

CVE-2016-20094 – AnyDesk 2.5.0 : An unquoted service path vulnerability in the AnyDesk service allows local attackers to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can place malicious executables in the system root path, which may be launched w...

8.5CVSS6.2AI score

Packet Storm•added 2026/06/12 12:0 a.m.•41 views

📄 AnyDesk 9.7.5 Unquoted Service Path

AnyDesk version 9.7.5 suffers from an unquoted service path vulnerability. Exploit Title: AnyDesk v9.7.5 - Unquoted Service Path Date: 2026-06-06 Exploit Author: Milad Karimi Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: http://anydesk.com...

5.3AI score

Exploits0

Malwarebytes•added 2026/05/20 3:33 p.m.•11 views

Fake malware-signing service Fox Tempest dismantled by Microsoft

Microsoft says it dismantled a malware-signing-as-a-service MSaaS called Fox Tempest, which helped cybercriminals make malware appear legitimate. The service let customers submit malicious files to be digitally signed with short-lived Microsoft-issued certificates, making the malware look...

6AI score

Exploits0

The Hacker News•added 2026/02/23 7:25 a.m.•15 views

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

The Iranian hacking group known as MuddyWater aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST has targeted several organizations and individuals mainly located across the Middle East and North Africa MENA region as part of a new campaign codenamed Operation Olalampo. The activity, first observe...

6AI score

Exploits0

Tenable Nessus•added 2026/02/06 12:0 a.m.•8 views

AnyDesk < 9.0.5 Multiple Vulnerabilities

The version of AnyDesk installed on the remote Windows host is prior to 9.0.5. It is, therefore, affected by multiple vulnerabilities: - A denial of service vulnerability exists due to incorrect deserialization that results in failed memory allocation and a NULL pointer dereference. An...

9.8CVSS6.5AI score0.00433EPSS

Exploits2References3

OSV•added 2026/02/03 3:16 p.m.•3 views

CVE-2019-25261

AnyDesk 5.4.0 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially inject malicious executables. Attackers can exploit the unquoted binary path to place malicious files in service executable locations, potentially gaining...

7.8CVSS5.8AI score0.00164EPSS

NVD•added 2026/02/03 3:16 p.m.•4 views

CVE-2019-25261

8.5CVSS0.00164EPSS

ATTACKERKB•added 2026/02/03 2:49 p.m.•5 views

CVE-2019-25261

Exploits1References3Affected Software1

Vulnrichment•added 2026/02/03 2:49 p.m.•3 views

CVE-2019-25261 AnyDesk 5.4.0 - Unquoted Service Path

EUVD•added 2026/02/03 2:49 p.m.•5 views

EUVD-2019-19379

CVE•added 2026/02/03 2:49 p.m.•13 views

CVE-2019-25261

AnyDesk 5.4.0 on Windows is affected by an unquoted service path vulnerability in its Windows service configuration. The unquoted binary path allows a local attacker to place a malicious executable in a service executable location, potentially enabling elevated privileges. The information provide...

Exploits1References3Affected Software1

Positive Technologies•added 2026/02/03 12:0 a.m.•6 views

PT-2026-5798

8.5CVSS5.5AI score0.00164EPSS

CNNVD•added 2026/02/03 12:0 a.m.•8 views

AnyDesk 代码问题漏洞

AnyDesk is a remote desktop connection software developed by the German company AnyDesk. Version 5.4.0 of AnyDesk contains a code vulnerability. This vulnerability stems from a service path in the Windows service configuration that lacks quotation marks, which may lead to privilege escalation...

8.5CVSS7.4AI score0.00164EPSS