CVE-2019-25272 TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path

TexasSoft CyberPlanet 6.4.131 contains an unquoted service path vulnerability in the CCSrvProxy service that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files x86\TenaxSoft\CyberPlanet\SrvProxy.exe' to inject malicious executables and...

CVE-2019-25272

TexasSoft CyberPlanet 6.4.131 contains an unquoted service path vulnerability in the CCSrvProxy service that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files x86\TenaxSoft\CyberPlanet\SrvProxy.exe' to inject malicious executables and...

PT-2026-5806

Name of the Vulnerable Software and Affected Versions Easy-Hide-IP version 5.0.0.3 Description Easy-Hide-IP version 5.0.0.3 contains a flaw in the EasyRedirect service related to an unquoted service path. This allows local attackers to potentially execute arbitrary code. The unquoted path is...

PT-2026-5808

Name of the Vulnerable Software and Affected Versions BartVPN version 1.2.2 Description BartVPN version 1.2.2 has an unquoted service path issue in the BartVPNService. This allows local attackers to potentially run arbitrary code with higher system rights. Attackers can take advantage of the...

CVE-2020-37102 Adaware Web Companion 4.9.2159 - 'WCAssistantService' Unquoted Service Path

Adaware Web Companion 4.9.2159 contains an unquoted service path vulnerability in the WCAssistantService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges...

CVE-2020-37099 Disk Savvy Enterprise 12.3.18 - 'disksvs.exe' Unquoted Service Path

Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe' to inject malicious...

EUVD-2020-30977

Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe' to inject malicious...

CVE-2020-37098 Disk Sorter Enterprise 12.4.16 - Unquoted Service Path

Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with...

Adaware Web Companion 代码问题漏洞

Adaware Web Companion is a security tool developed by Adaware Corporation. Version 4.9.2159 of Adaware Web Companion contains a code vulnerability. This vulnerability stems from the lack of quotation marks around the WCAssistantService service path, which may allow local attackers to execute...

Multiple Microsoft Office products vulnerable to untrusted search path

Overview Multiple Microsoft Office products contain the following vulnerability. Untrusted search path CWE-426, - CVE-2026-20943 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warni...

Linux Distros Unpatched Vulnerability : CVE-2025-4084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to insufficient escaping of the special characters in the copy as cURL feature, an attacker could trick a user into using this command, potentially leading ...

PT-2026-5742

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.1.29 Description OpenClaw is a personal AI assistant with an OS command injection issue. The sshNodeCommand function improperly escapes user-supplied project paths, leading to potential arbitrary command executi...

CVE-2020-37064

CVE-2020-37064 affects EPSON EasyMP Network Projection 2.81. The unquoted service path vulnerability resides in the EMP_NSWLSV service and allows local users to potentially execute arbitrary code by injecting through C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2, executing w...

CVE-2020-37064 EPSON EasyMP Network Projection 2.81 - 'EMP_NSWLSV' Unquoted Service Path

EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMPNSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\EPSON Projector\EasyMP Network Projection V2\ to inject...

EUVD-2020-30965

EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMPNSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\EPSON Projector\EasyMP Network Projection V2\ to inject...

CVE-2020-37062

DHCP Turbo 4.61298 contains an unquoted service path vulnerability that permits local attackers to potentially execute arbitrary code by placing a malicious executable in the service path; exploitation is LOCAL with LOW complexity and requires LOW privileges, leading to elevated privileges when t...

EUVD-2020-30967

DHCP Turbo 4.61298 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can place malicious executables in the service path to gain elevated privileges when the service starts...

CVE-2020-37061

BOOTP Turbo 2.0.1214 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted executable path to inject malicious code that will be executed when the service starts with...

CVE-2020-37061

CVE-2020-37061 affects BOOTP Turbo 2.0.1214 and describes an unquoted service path vulnerability that can allow a local attacker to potentially execute arbitrary code with elevated system privileges. The vulnerability is triggered when the service starts with LocalSystem permissions, via an unquo...

Weird Solutions DHCP Turbo 代码问题漏洞

Weird Solutions DHCP Turbo is a DHCP server software developed by Weird Solutions Corporation. Version 4.61298 of Weird Solutions DHCP Turbo contains a code vulnerability caused by an unquoted service path. This vulnerability could allow local attackers to execute arbitrary code and gain elevated...