21818 matches found
CVE-2020-36982 Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path
Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the MotoHelperService.exe service that allows local users to potentially inject malicious code. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with elevated system...
CVE-2020-36976
Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its service configuration that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\Acer\Registration\ to inject malicious executables...
CVE-2020-36974
CVE-2020-36974 affects Realtek Andrea RT Filters 1.0.64.7. The unquoted service path vulnerability is in the startup service executable C:\Program Files\IDT\WDM\AESTSr64.exe, allowing local users to potentially execute arbitrary code with elevated privileges during service startup or system reboo...
PT-2026-5005
Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the MotoHelperService.exe service that allows local users to potentially inject malicious code. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with elevated system...
CVE-2020-36959
IDT PC Audio 1.0.6499.0 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the STacSV service to inject malicious code that would execute with LocalSystem account...
CVE-2020-36952
IObit Uninstaller 10 Pro contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path in the IObit Uninstaller Service to insert malicious code that would execute with...
CVE-2020-36952 IObit Uninstaller 10 Pro - Unquoted Service Path
IObit Uninstaller 10 Pro contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path in the IObit Uninstaller Service to insert malicious code that would execute with...
EUVD-2020-30855
IObit Uninstaller 10 Pro contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path in the IObit Uninstaller Service to insert malicious code that would execute with...
CVE-2020-36934 Deep Instinct Windows Agent 1.2.24.0 - 'DeepNetworkService' Unquoted Service Path
Deep Instinct Windows Agent 1.2.24.0 contains an unquoted service path vulnerability in the DeepNetworkService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\HP Sure Sense\DeepNetworkService.exe to inject...
PT-2026-4356
Name of the Vulnerable Software and Affected Versions Schneider Electric EcoStruxure Process Expert versions prior to 2025 Description An incorrect default permissions issue can lead to privilege escalation via a reverse shell. A local user with normal privileges can modify executable service...
Firecracker security vulnerability
Firecracker is a microvirtual machine open source project developed by firecracker-microvm, designed for serverless computing. Firecracker versions 1.13.1 and earlier, as well as version 1.14.0, have security vulnerabilities. These vulnerabilities stem from issues with UNIX symbolic link handling...
CVE-2025-71176
pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-user name pattern, which allows local users to cause a denial of service or possibly gain privileges...
UBUNTU-CVE-2025-71176
pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-user name pattern, which allows local users to cause a denial of service or possibly gain privileges...
CVE-2025-71176
CVE-2025-71176 affects pytest up to 9.0.2 on UNIX: it relies on predictable temporary directories named /tmp/pytest-of-{user}, which can enable a local attacker to cause a denial of service and potentially gain privileges via insecure temporary directory handling. The provided sources describe th...
Pytest security vulnerabilities
Pytest is a testing framework based on the Python language, developed by the Pytest team. Pytest versions 9.0.2 and earlier have security vulnerabilities. These vulnerabilities stem from reliance on directories with the /tmp/pytest-of-user naming pattern, which could allow local users to launch...
Azure Linux 3.0 Security Update: accountsservice (CVE-2012-6655)
The version of accountsservice installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2012-6655 advisory. - An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which...
CVE-2021-47879
eBeam Interactive Suite 3.6 contains an unquoted service path vulnerability in the eBeam Stylus Driver service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Luidia\eBeam Stylus Driver\ to inject...
CVE-2021-47878
eBeam Education Suite 2.5.0.9 contains an unquoted service path vulnerability in the eBeam Device Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute...
CVE-2021-47861
Event Log Explorer 4.9.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations that will be...
CVE-2021-47879 eBeam Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path
eBeam Interactive Suite 3.6 contains an unquoted service path vulnerability in the eBeam Stylus Driver service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Luidia\eBeam Stylus Driver\ to inject...