172 matches found
CVE-2019-25281
NCP Secure Entry Client 9.2 contains an unquoted service path vulnerability in multiple Windows services that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted paths in services like ncprwsnt, rwsrsu, ncpclcfg, and NcpSec to inject malicious code that...
Photodex ProShow Producer 代码问题漏洞
Photodex ProShow Producer is a video and image slideshow production software developed by the American company Photodex. Version 9.0.3797 of Photodex ProShow Producer contains a code vulnerability. This vulnerability stems from a service path in the ScsiAccess service that lacks quotation marks,...
CVE-2019-25274
The CVE-2019-25274 entry concerns ProShow Producer 9.0.3797, which contains an unquoted service path in the ScsiAccess service that can allow local attackers to execute arbitrary code with LocalSystem privileges during service startup. The vulnerability is rooted in how the service binary path is...
CVE-2019-25274 ProShow Producer 9.0.3797 - Unquoted Service Path
ProShow Producer 9.0.3797 contains an unquoted service path vulnerability in the ScsiAccess service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges during...
CVE-2019-25274 ProShow Producer 9.0.3797 - Unquoted Service Path
ProShow Producer 9.0.3797 contains an unquoted service path vulnerability in the ScsiAccess service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges during...
CVE-2019-25271
CVE-2019-25271 – NETGATE Data Backup 3.0.620 suffers an unquoted service path vulnerability in the NGDatBckpSrv Windows service configuration. The unquoted path can be exploited to inject and execute code with LocalSystem privileges by placing executables in specific directory locations. This mir...
CVE-2019-25269
Amiti Antivirus 25.0.640 is affected by an unquoted service path vulnerability in its Windows service configurations. The underlying issue allows attackers to place executables in specific directories to gain elevated LocalSystem privileges, leading to code execution through the unquoted path. Do...
PT-2026-5803
Name of the Vulnerable Software and Affected Versions Amiti Antivirus version 25.0.640 Description Amiti Antivirus contains an unquoted service path vulnerability in its Windows service configurations. This allows attackers to inject and execute malicious code with elevated LocalSystem privileges...
PT-2026-5807
Name of the Vulnerable Software and Affected Versions ProShow Producer version 9.0.3797 Description The software contains an unquoted service path vulnerability within the ScsiAccess service. This allows local attackers to potentially execute arbitrary code. Exploitation involves leveraging the...
CVE-2020-37102
Adaware Web Companion 4.9.2159 contains an unquoted service path vulnerability in the WCAssistantService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges...
EUVD-2020-30974
Adaware Web Companion 4.9.2159 contains an unquoted service path vulnerability in the WCAssistantService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges...
CVE-2020-37102
Adaware Web Companion 4.9.2159 contains an unquoted service path vulnerability in the WCAssistantService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges...
Flexense Disk Sorter Enterprise 代码问题漏洞
Flexense Disk Sorter Enterprise is a file management and disk space analysis software developed by Flexense Corporation. Version 12.4.16 of Flexense Disk Sorter Enterprise contains a code vulnerability. This vulnerability stems from a service path vulnerability in service configurations that lack...
CVE-2020-37064 EPSON EasyMP Network Projection 2.81 - 'EMP_NSWLSV' Unquoted Service Path
EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMPNSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\EPSON Projector\EasyMP Network Projection V2\ to inject...
CVE-2020-37064
EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMPNSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\EPSON Projector\EasyMP Network Projection V2\ to inject...
CVE-2020-37064
CVE-2020-37064 affects EPSON EasyMP Network Projection 2.81. The unquoted service path vulnerability resides in the EMP_NSWLSV service and allows local users to potentially execute arbitrary code by injecting through C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2, executing w...
EUVD-2020-30968
BOOTP Turbo 2.0.1214 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted executable path to inject malicious code that will be executed when the service starts with...
CVE-2020-37045 NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path
Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that wou...
CVE-2020-37037 AVAST SecureLine 5.5.522.0 - 'SecureLine' Unquoted Service Path
Avast SecureLine 5.5.522.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account...
PT-2026-5577
Deep Instinct Windows Agent 1.2.29.0 contains an unquoted service path vulnerability in the DeepMgmtService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:Program FilesHP Sure SenseDeepMgmtService.exe to inject malicious...