CVE-2021-47879

eBeam Interactive Suite 3.6 contains an unquoted service path vulnerability in the eBeam Stylus Driver service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Luidia\eBeam Stylus Driver\ to inject...

CVE-2021-47880 Realtek Wireless LAN Utility 700.1631 - 'Realtek11nSU' Unquoted Service Path

Realtek Wireless LAN Utility 700.1631 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path by inserting malicious code in the system root path that would execute during...

EUVD-2026-3631

Realtek Wireless LAN Utility 700.1631 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path by inserting malicious code in the system root path that would execute during...

EUVD-2026-3622

WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in the WPCommandFileService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files \WINPAKPRO\WPCommandFileService Service.exe to inject malicious co...

EUVD-2026-3625

WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in the GuardTourService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files \WINPAKPRO\WP GuardTour Service.exe to inject malicious code th...

EUVD-2026-3635

Event Log Explorer 4.9.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations that will be...

PT-2026-3813

Event Log Explorer 4.9.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations that will be...

PT-2026-3831

eBeam Interactive Suite 3.6 contains an unquoted service path vulnerability in the eBeam Stylus Driver service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:Program Files x86LuidiaeBeam Stylus Driver to inject malicious...

PT-2026-3821

Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRA Scheduler service that allows local users to potentially execute arbitrary code. Attackers can place a malicious executable named 'BRAdmin' in the C:Program Files x86Brother directory to gain local system...

IBM Business Automation Workflow security vulnerabilities

IBM Business Automation Workflow is a workflow automation solution developed by the American multinational company International Business Machines IBM. This product is primarily used for workflow management and compliance control, and it features workflow visibility and scalability. Versions of I...

CVE-2021-47826

CVE-2021-47826 affects Acer Backup Manager 3.0.0.99: an unquoted service path in the NTI IScheduleSvc service allows local users to potentially execute arbitrary code with LocalSystem privileges. The unquoted path is in C:\Program Files (x86)\NTI\Acer Backup Manager. Exploitation would require lo...

CVE-2021-47825 Acer Updater Service 1.2.3500.0 - 'UpdaterService.exe' Unquoted Service Path

Acer Updater Service 1.2.3500.0 contains an unquoted service path vulnerability that allows local users to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files\Acer\Acer Updater\ to inject malicious executables that will run with LocalSystem...

CVE-2021-47823

Acer ePowerSvc 6.0.3008.0 contains an unquoted service path vulnerability in its service configuration. The unquoted path could allow a local attacker to inject and execute code with LocalSystem privileges during service startup. Reported impact includes potential for full local privilege escalat...

CVE-2021-47806

Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000710 advisory. The memory resource controller aka memcg in the Linux kernel allows local users to cause a denial of service deadlock by spawning new processes within a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000598)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000598 advisory. The llcuirecvmsg function in net/llc/afllc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001092)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001092 advisory. The bpfintjitcompile function in arch/x86/net/bpfjitcomp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service system crash by creating ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000627 advisory. arch/x86/kernel/cpu/perfeventintel.c in the Linux kernel before 3.8.9, when the Performance Events Subsystem is enabled, specifies an incorrect bitmask, which allows...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004788)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004788 advisory. A flaw in netrdsallocsgs in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 Availability impacts. CVSS Vector...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000794)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000794 advisory. The copycreds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users...