548 matches found
CVE-2021-47780
Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...
PT-2026-3175
Disk Savvy 13.6.14 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries to inject malicious executables that will be run with elevated...
PT-2026-3173
iFunbox 4.2 contains an unquoted service path vulnerability in the Apple Mobile Device Service that allows local attackers to execute code with elevated privileges. Attackers can insert a malicious executable into the unquoted service path to run with LocalSystem privileges when the service...
PT-2026-3159
Name of the Vulnerable Software and Affected Versions TotalAV version 5.15.69 Description TotalAV version 5.15.69 contains an unquoted service path issue in multiple system services running with LocalSystem privileges. An attacker can place malicious executables in specific unquoted path segments...
PT-2026-3174
Wise Care 365 5.6.7.568 contains an unquoted service path vulnerability in the WiseBootAssistant service running with LocalSystem privileges. Attackers can exploit this by inserting a malicious executable in the service path, which will execute with elevated system privileges when the service...
CVE-2023-54331
Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the OutlineService executable to inject malicious code that will be executed with...
CVE-2023-54331
Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the OutlineService executable to inject malicious code that will be executed with...
CVE-2022-50938
CONTPAQi AdminPAQ 14.0.0 contains an unquoted service path vulnerability in the AppKeyLicenseServer service running with LocalSystem privileges. Attackers can exploit the unquoted path to inject malicious code in the service binary path, potentially executing arbitrary code with elevated system...
CVE-2022-50920
Sandboxie-Plus 5.50.2 contains an unquoted service path vulnerability in the SbieSvc Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges durin...
CVE-2022-50904
Wondershare UBackit 2.0.5 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the wsbackup service to inject malicious executables that would run with LocalSystem...
CVE-2022-50933
CVE-2022-50933 affects Cain & Abel 4.9.56 via an unquoted service path that can allow a local attacker to execute arbitrary code with LocalSystem privileges. The vulnerability stems from an unquoted binary path used to launch the service, enabling local exploitation with SYSTEM rights and potenti...
CVE-2022-50921 WOW21 5.0.1.9 - 'Service WOW21_Service' Unquoted Service Path
WOW21 5.0.1.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions during...
CVE-2022-50920
CVE-2022-50920 concerns Sandboxie-Plus 5.50.2, where an unquoted service path in the Windows SbieSvc service allows a local attacker to potentially execute arbitrary code by injecting a binary that runs with LocalSystem privileges at service startup. The entry’s metrics show high impact (C/H/I/A)...
CVE-2022-50903
CVE-2022-50903 affects Wondershare MobileTrans 3.5.9, where the ElevationService exposes an unquoted service path vulnerability. Local users can potentially execute code with elevated privileges by placing malicious executables in specific filesystem locations that are then launched with LocalSys...
CVE-2022-50901 Wondershare Dr.Fone 11.4.9 - 'DFWSIDService' Unquoted Service Path
Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\Wondershare\Wondershare Dr.Fone\ to inject malicious executables that woul...
CVE-2022-50901
Wondershare Dr.Fone 11.4.9 has an unquoted service path in the DFWSIDService located at C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone, enabling local users to potentially execute arbitrary code with LocalSystem privileges. The CVE is documented with public references and an exploit in Ex...
PT-2026-2414
Name of the Vulnerable Software and Affected Versions CONTPAQi AdminPAQ version 14.0.0 Description The software contains an unquoted service path issue in the AppKeyLicenseServer service, which operates with LocalSystem privileges. An attacker can exploit this to inject malicious code into the...
PT-2026-2379
Name of the Vulnerable Software and Affected Versions Wondershare MobileTrans version 3.5.9 Description The software contains an unquoted service path vulnerability within the ElevationService. This allows local users to potentially execute code with elevated system privileges. Exploitation...
PT-2026-2397
Name of the Vulnerable Software and Affected Versions WOW21 version 5.0.1.9 Description The software contains an unquoted service path issue. This allows local attackers to potentially execute arbitrary code with elevated system privileges. Exploitation involves leveraging the unquoted binary pat...
PT-2026-2426
Name of the Vulnerable Software and Affected Versions Mediconta version 3.7.27 Description Mediconta version 3.7.27 contains an unquoted service path vulnerability within the servermedicontservice. This allows local users to potentially execute code with elevated privileges. The vulnerability...