Lucene search
K

134 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/07 12:0 a.m.8 views

CVE-2026-30495

The Optoma CinemaX P2 projector firmware TVOS-04.24.010.04.01, Android 8.0.0 exposes Android Debug Bridge ADB on TCP port 5555 over the network without requiring authentication. The device is configured with ro.adb.secure=0, which disables RSA key verification. Additionally, a functional su binar...

5.8AI score0.00216EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/26 6:4 p.m.8 views

LibreNMS is Vulnerable to Remote Code Execution by Arbitrary File Write

Summary A vulnerability has been identified that allows an authenticated administrator to execute arbitrary code on the host server. By modifying the binary path settings for built-in network tools and bypassing an input filter, an attacker with administrative privileges can download and execute...

8.5CVSS6.3AI score0.07533EPSS
Exploits1References5Affected Software1
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.3 views

Microsoft Windows Service Binary Misconfiguration Tester

This document and included Metasploit module analyze the security risks associated with improper Windows service configurations, specifically focusing on writable service binary paths that may lead to privilege escalation. Note that this condition does not occur on a default Windows installation...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/02/25 2:33 a.m.24 views

CVE-2026-27615 ADB-Explorer: UNC Path Support in ManualAdbPath Leads to Remote Code Execution (RCE)

ADB Explorer is a fluent UI for ADB on Windows. In versions prior to Beta 0.9.26022, ADB-Explorer allows the ManualAdbPath settings variable, which determines the path of the ADB binary to be executed, to be set to a Universal Naming Convention UNC path in the application's settings file. This...

8.8CVSS0.00207EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.10 views

ADB Explorer 安全漏洞

ADB Explorer is a ADB user interface developed by Alex B as an individual developer. Versions of ADB Explorer prior to 0.9.26020 contain security vulnerabilities. These vulnerabilities stem from the lack of verification of the integrity or authenticity of the ADB binary path before execution, whi...

7.8CVSS6.1AI score0.00175EPSS
Exploits0References3
NVD
NVD
added 2026/02/03 3:16 p.m.5 views

CVE-2020-37101

VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. Attackers can exploit the unquoted path in 'C:\Program Files x86\VPN Unlimited' to replace the service executable and gain elevated system...

8.5CVSS0.00113EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/01 2:38 p.m.3 views

CVE-2020-37062

DHCP Turbo 4.61298 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can place malicious executables in the service path to gain elevated privileges when the service starts...

8.5CVSS6.2AI score0.0015EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/28 9:16 p.m.8 views

CVE-2020-36975

EPSON Status Monitor 3 version 8.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can leverage the unquoted path in 'C:\Program Files\Common Files\EPSON\EPW!3SSRP\ES60RPB.EXE' to...

8.5CVSS6.2AI score0.00164EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.11 views

PT-2026-4998

EPSON Status Monitor 3 version 8.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can leverage the unquoted path in 'C:Program FilesCommon FilesEPSONEPW!3SSRPE S60RPB.EXE' to inject...

8.5CVSS6.2AI score0.00164EPSS
Exploits0References4
CVE
CVE
added 2026/01/16 7:9 p.m.15 views

CVE-2021-47847

CVE-2021-47847 affects Disk Sorter Server 13.6.12. It contains an unquoted service path vulnerability in the binary path configuration of disksrs.exe located at C:\Program Files\Disk Sorter Server\bin\disksrs.exe, enabling local attackers to inject malicious executables and escalate privileges. T...

8.5CVSS7AI score0.00153EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/16 7:9 p.m.24 views

CVE-2021-47847 Disk Sorter Server 13.6.12 - 'Disk Sorter Server' Unquoted Service Path

Disk Sorter Server 13.6.12 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Sorter Server\bin\disksrs.exe' to inject malicious...

8.5CVSS0.00153EPSS
Exploits0References3
OSV
OSV
added 2026/01/16 12:16 a.m.4 views

CVE-2020-36930

SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\SysGauge Server\bin\sysgaus.exe' to inject malicious executables...

8.5CVSS6AI score
Exploits0References3
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.5 views

Flexense Disk Sorter Server code-related vulnerabilities

Flexense Disk Sorter Server is a file management and disk space analysis server provided by Flexense Corporation. Version 13.6.12 of Flexense Disk Sorter Server contains a code vulnerability caused by an unquoted service path in the binary path configuration, which may allow arbitrary code to be...

8.5CVSS6AI score0.00153EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/15 11:25 p.m.29 views

CVE-2020-36930 SysGauge 7.9.18 - ' SysGauge Server' Unquoted Service Path

SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\SysGauge Server\bin\sysgaus.exe' to inject malicious executables...

8.5CVSS0.00214EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/15 3:52 p.m.4 views

EUVD-2026-2774

HTTPDebuggerPro 9.11 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables and gain elevated...

8.5CVSS7.1AI score0.00114EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.9 views

PT-2026-3151

Name of the Vulnerable Software and Affected Versions SysGauge Server version 7.9.18 Description The software contains an unquoted service path vulnerability in its binary path configuration. This allows local attackers to potentially execute arbitrary code. The vulnerability exists due to the...

8.5CVSS8.2AI score0.00214EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.5 views

PT-2026-2409

Name of the Vulnerable Software and Affected Versions Cain & Abel version 4.9.56 Description The software contains an unquoted service path, potentially allowing local attackers to execute arbitrary code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious...

8.5CVSS7.3AI score0.00172EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/12/24 7:28 p.m.54 views

CVE-2019-25257 LogicalDOC Enterprise 7.7.4 Authenticated Command Execution via Binary Path Manipulation

LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities that allow attackers to manipulate binary paths when changing system settings. Attackers can exploit these vulnerabilities by modifying configuration parameters like antivirus.command,...

8.7CVSS0.0035EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/24 7:28 p.m.2 views

CVE-2019-25257 LogicalDOC Enterprise 7.7.4 Authenticated Command Execution via Binary Path Manipulation

LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities that allow attackers to manipulate binary paths when changing system settings. Attackers can exploit these vulnerabilities by modifying configuration parameters like antivirus.command,...

8.7CVSS7.6AI score0.0035EPSS
Exploits1References3
CVE
CVE
added 2025/12/24 7:28 p.m.22 views

CVE-2019-25257

CVE-2019-25257 affects LogicalDOC Enterprise 7.7.4. The vulnerability arises from insufficient validation of binary paths when modifying system settings, allowing authenticated users to manipulate configuration parameters (e.g., antivirus.command, ocr.Tesseract.path) to execute arbitrary OS comma...

8.7CVSS7.6AI score0.0035EPSS
Exploits1References3
Rows per page
Query Builder