4272 matches found
Microsoft VFS for Git code issue vulnerability
Microsoft VFS for Git is a Git optimization system developed by Microsoft Corporation in the United States. Version 1.0.21014.1 of Microsoft VFS for Git contains a code vulnerability. This vulnerability stems from the Windows service GVFS.Service having a service path that lacks quotes, which may...
PT-2026-3815
MacPaw Encrypto 1.0.1 contains an unquoted service path vulnerability in its Encrypto Service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:Program FilesEncrypto to inject malicious executables and escalate privileges...
OKI Configuration Tool code-related vulnerabilities
OKI Configuration Tool is a configuration management tool developed by OKI Corporation. Version 1.6.53 of the OKI Configuration Tool contains a code vulnerability. This vulnerability stems from an unquoted service path within the OKI Local Port Manager service, which may allow local attackers to...
PT-2026-3835
OKI Configuration Tool 1.6.53 contains an unquoted service path vulnerability in the OKI Local Port Manager service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:Program FilesOkidataCommonextend3portmgrsrv.exe' to inject malicious...
PT-2026-3814
Hi-Rez Studios 5.1.6.3 contains an unquoted service path vulnerability in the HiPatchService that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem...
Hi-Rez Studios HiPatchService code-related vulnerabilities
Hi-Rez Studios HiPatchService is a software update service provided by Hi-Rez Studios in the United States. Version 5.1.6.3 of Hi-Rez Studios HiPatchService contains a code vulnerability. This vulnerability stems from the use of service paths without quotes in HiPatchService, which may allow loca...
MacPaw Encrypto code-related vulnerabilities
MacPaw Encrypto is a cross-platform file encryption tool developed by the Ukrainian company MacPaw. Version 1.0.1 of MacPaw Encrypto contains a code vulnerability. This vulnerability stems from the Encrypto Service’s configuration, where a service path without quotes was used, potentially allowin...
Fyrolabs Pingzapper code issue vulnerability
Fyrolabs Pingzapper is a web accelerator developed by Fyrolabs Corporation in the United States. The version 2.3.1 of Fyrolabs Pingzapper contains a code vulnerability. This vulnerability stems from an unquoted service path within the PingzapperSvc service, which may allow local attackers to...
Realtek Wireless LAN Utility code-related vulnerabilities
The Realtek Wireless LAN Utility is a wireless network card configuration and management tool developed by Realtek Semiconductor. Version 700.1631 of the Realtek Wireless LAN Utility contains a code vulnerability caused by an unquoted service path. This vulnerability may allow local users to...
Honeywell WIN-PACK PRO code issue vulnerability
Honeywell WIN-PACK PRO is a security management platform software developed by the American company Honeywell. Version 4.8 of Honeywell WIN-PACK PRO contains a code vulnerability. This vulnerability stems from the ScheduleService component, which uses service paths without quotes, potentially...
MiracleLinux 7 : jasper-1.900.1-33.0.1.el7.AXS7 (AXSA:2024-8730:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8730:01 advisory. CVE-2023-51257: fix an integer-overflow bug in the ICC profile parsing code CVEs: CVE-2023-51257 An invalid memory write issue in Jasper-Software Jasper...
MiracleLinux 3 : sysstat-7.0.2-11.0.1.AXS3 (AXSA:2011-321:01)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-321:01 advisory. This package provides the sar and iostat commands for Linux. Sar and iostat enable system monitoring of disk, network, and other IO activity. Security issues...
CVE-2021-47847
CVE-2021-47847 affects Disk Sorter Server 13.6.12. It contains an unquoted service path vulnerability in the binary path configuration of disksrs.exe located at C:\Program Files\Disk Sorter Server\bin\disksrs.exe, enabling local attackers to inject malicious executables and escalate privileges. T...
CVE-2021-47829
CVE-2021-47829 applies to DHCP Broadband 4.1.0.1503 and is caused by an unquoted service path in the dhcpt.exe service, enabling local attackers to run code with LocalSystem privileges during service startup. Multiple connected sources corroborate the unquoted path at C:\Program Files\DHCP Broadb...
CVE-2021-47829
DHCP Broadband 4.1.0.1503 contains an unquoted service path vulnerability in its service configuration that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path in 'C:\Program Files\DHCP Broadband 4\dhcpt.exe' to inject malicious code that will...
CVE-2021-47810
WibuKey Runtime 6.51 contains an unquoted service path vulnerability in the WkSvW32.exe service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\PROGRAM FILES X86\WIBUKEY\SERVER\WkSvW32.exe' to inject malicious executables and...
CVE-2021-47806
Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables...
CVE-2021-47807
Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious...
CVE-2021-47790
Active WebCam 11.5 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path by placing malicious executables in specific directory locations to gain administrative...
CVE-2021-47780
Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...