21818 matches found
EUVD-2020-30969
SpyHunter 4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations to gain elevated access...
EUVD-2020-30970
Iskysoft Application Framework Service 2.4.3.241 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that would ...
CVE-2020-37055
SpyHunter 4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations to gain elevated access...
CVE-2020-37047 Deep Instinct Windows Agent 1.2.29.0 - 'DeepMgmtService' Unquoted Service Path
Deep Instinct Windows Agent 1.2.29.0 contains an unquoted service path vulnerability in the DeepMgmtService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\HP Sure Sense\DeepMgmtService.exe to inject malicio...
CVE-2020-37045
Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that wou...
CVE-2020-37045 NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path
Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that wou...
CVE-2020-37045 NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path
Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that wou...
EUVD-2020-30972
Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that wou...
CVE-2020-37045
CVE-2020-37045 affects Veritas NetBackup 7.0. The vulnerability is an unquoted service path in the NetBackup INET Daemon (bpinetd.exe under C:\Program Files\Veritas\NetBackup\bin). This unquoted path can be exploited by local users to execute arbitrary code with elevated LocalSystem privileges. E...
CVE-2020-37037
Avast SecureLine 5.5.522.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account...
EUVD-2020-30973
Avast SecureLine 5.5.522.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account...
CVE-2020-37037
CVE-2020-37037 concerns Avast SecureLine 5.5.522.0, which contains an unquoted service path vulnerability. The root cause is an unquoted service path in the affected service configuration, allowing local users to potentially inject and execute code with LocalSystem privileges during service start...
PT-2026-5575
Avast SecureLine 5.5.522.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account...
PT-2026-5579
SpyHunter 4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations to gain elevated access...
PT-2026-5583
EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMP NSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:Program Files x86EPSON ProjectorEasyMP Network Projection V2 to inject malicio...
EnigmaSoft SpyHunter 代码问题漏洞
EnigmaSoft SpyHunter is a malware prevention tool developed by the British company EnigmaSoft. EnigmaSoft SpyHunter has a code vulnerability that stems from service paths not enclosed in quotes. This vulnerability could allow local users to execute arbitrary code and gain elevated system privileg...
CVE-2025-36384
CVE-2025-36384 affects IBM Db2 for Windows versions 12.1.0–12.1.3. The root cause is an unquoted search path element, enabling a local user with filesystem access to escalate privileges. IBM’s advisory notes a CVSSv3.1 base score of 8.4 (PR:N, UI:N, AV:L, AC:L, C:H/I:H/A:H) and indicates Windows ...
CVE-2020-37059 Popcorn Time 6.2 - 'Update service' Unquoted Service Path
Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can insert malicious executables in Program Files x86 or system root directories to be executed with SYSTEM-level...
CVE-2020-37059 Popcorn Time 6.2 - 'Update service' Unquoted Service Path
Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can insert malicious executables in Program Files x86 or system root directories to be executed with SYSTEM-level...
CVE-2020-37059
CVE-2020-37059 concerns Popcorn Time 6.2.1.14, which is affected by an unquoted service path vulnerability in its Update service. The underlying issue is that a service binary path is not properly quoted, enabling a local, non-privileged user to place a malicious executable in directories like Pr...