1069 matches found
PT-2026-3326
Name of the Vulnerable Software and Affected Versions Microsoft Edge affected versions not specified Description The Microsoft Edge Elevation Service has a design flaw where a privileged COM interface does not properly check the permissions of the process making the request. A standard local user...
PT-2026-3285
Name of the Vulnerable Software and Affected Versions DHCP Broadband version 4.1.0.1503 Description The software contains an unquoted service path vulnerability in its service configuration. This allows local attackers to execute code with elevated privileges. The vulnerable path is located at...
CVE-2021-47804
Wise Care 365 5.6.7.568 contains an unquoted service path vulnerability in the WiseBootAssistant service running with LocalSystem privileges. Attackers can exploit this by inserting a malicious executable in the service path, which will execute with elevated system privileges when the service...
CVE-2021-47787
CVE-2021-47787 affects TotalAV 5.15.69 and describes an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. The root cause is an unquoted path segment that could allow an attacker to place a malicious executable in the path, potentially gaining SYS...
CVE-2021-47787 TotalAV 5.15.69 - Unquoted Service Path
TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration...
CVE-2021-47787
TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration...
CVE-2021-47780 Macro Expert 4.7 - Unquoted Service Path
Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...
CVE-2020-36928
CVE-2020-36928: Brother BRAgent 1.38 contains an unquoted service path in the WBA_Agent_Client service that runs with LocalSystem privileges. An attacker can exploit the unquoted path in C:\Program Files (x86)\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions....
CVE-2020-36928 Brother BRAgent 1.38 - 'WBA_Agent_Client' Unquoted Service Path
Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBAAgentClient service running with LocalSystem privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions...
CVE-2020-36928 Brother BRAgent 1.38 - 'WBA_Agent_Client' Unquoted Service Path
Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBAAgentClient service running with LocalSystem privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions...
CVE-2020-36928
Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBAAgentClient service running with LocalSystem privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions...
CVE-2021-47773
Dynojet Power Core 2.3.0 contains an unquoted service path vulnerability in the DJ.UpdateService that allows local authenticated users to potentially execute code with elevated privileges. Attackers can exploit the unquoted binary path by placing malicious executables in the service's file path t...
CVE-2021-47767
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalati...
CVE-2021-47767
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalati...
CVE-2021-47773
CVE-2021-47773: Dynojet Power Core 2.3.0 contains an unquoted service path vulnerability in the DJ.UpdateService that allows local authenticated users to potentially execute code with elevated privileges. Exploitation involves placing a malicious executable in the service file path to gain Local ...
CVE-2021-47773 Dynojet Power Core 2.3.0 - Unquoted Service Path
Dynojet Power Core 2.3.0 contains an unquoted service path vulnerability in the DJ.UpdateService that allows local authenticated users to potentially execute code with elevated privileges. Attackers can exploit the unquoted binary path by placing malicious executables in the service's file path t...
EUVD-2026-2756
Dynojet Power Core 2.3.0 contains an unquoted service path vulnerability in the DJ.UpdateService that allows local authenticated users to potentially execute code with elevated privileges. Attackers can exploit the unquoted binary path by placing malicious executables in the service's file path t...
CVE-2021-47773
Dynojet Power Core 2.3.0 contains an unquoted service path vulnerability in the DJ.UpdateService that allows local authenticated users to potentially execute code with elevated privileges. Attackers can exploit the unquoted binary path by placing malicious executables in the service's file path t...
CVE-2021-47767 10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventoryWebServer' Unquoted Service Path
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalati...
PT-2026-3043
Name of the Vulnerable Software and Affected Versions 10-Strike Network Inventory Explorer Pro version 9.31 Description The software contains an unquoted service path vulnerability in the srvInventoryWebServer service, which runs with LocalSystem privileges. An attacker can exploit this by placin...