CVE-2025-61635

Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php. This issue affects ConfirmEdit:...

PT-2026-5814

Name of the Vulnerable Software and Affected Versions Adaware Web Companion version 4.8.2078.3950 Description Adaware Web Companion version 4.8.2078.3950 contains an unquoted service path vulnerability in the WCAssistantService. This allows local users to potentially execute code with elevated...

CVE-2020-37101 VPN unlimited 6.1 - Unquoted Service Path

VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. Attackers can exploit the unquoted path in 'C:\Program Files x86\VPN Unlimited' to replace the service executable and gain elevated system...

MediaWiki 安全漏洞

MediaWiki is a free and open-source wiki engine developed by the Wikimedia Foundation in the United States. This product can be used to deploy internal knowledge management and content management systems. Versions of MediaWiki prior to 1.39.14, 1.43.4, and 1.44.1 contain security vulnerabilities...

Wikimedia Thanks 安全漏洞

Wikimedia Thanks is an extension for the Wikimedia Foundation. Versions prior to 1.43.4 and 1.44.1 had security vulnerabilities, which were caused by vulnerabilities in the program files...

CVE-2020-37047 Deep Instinct Windows Agent 1.2.29.0 - 'DeepMgmtService' Unquoted Service Path

Deep Instinct Windows Agent 1.2.29.0 contains an unquoted service path vulnerability in the DeepMgmtService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\HP Sure Sense\DeepMgmtService.exe to inject malicio...

CVE-2020-37059

Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can insert malicious executables in Program Files x86 or system root directories to be executed with SYSTEM-level...

EUVD-2020-30955

Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can insert malicious executables in Program Files x86 or system root directories to be executed with SYSTEM-level...

PT-2026-5420

Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can insert malicious executables in Program Files x86 or system root directories to be executed with SYSTEM-level...

CVE-2026-24822

Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper src modules. This vulnerability is associated with program files mongoose.C. This issue affects wxhelper: through 3.9.10.19-v1...

CVE-2026-24825

Missing Release of Memory after Effective Lifetime vulnerability in ydb-platform ydb contrib/libs/yajl modules. This vulnerability is associated with program files yailtree.C. This issue affects ydb: through 24.4.4.2...

CVE-2026-24811

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inffast.C. This issue affects root...

WinAVR security vulnerability

WinAVR is an open-source microcontroller development toolkit developed by WinAVR. Version WinAVR 20100110 has a security vulnerability, which stems from improper permission settings. This vulnerability may lead to the modification of system files and executable files...

CVE-2020-36958

Kite 1.2020.1119.0 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Kite\KiteService.exe' to inject malicious executables and escalate...

CVE-2020-36958 Kite 1.2020.1119.0 - 'KiteService' Unquoted Service Path

Kite 1.2020.1119.0 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Kite\KiteService.exe' to inject malicious executables and escalate...

CVE-2020-36935

KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the KMSELDI service configuration (C:\Program Files\KMSpico\Service_KMS.exe) that allows local attackers with access to potentially execute arbitrary code and escalate privileges by injecting a malicious executable. The available...

CVE-2021-47868

WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in the WPCommandFileService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files \WINPAKPRO\WPCommandFileService Service.exe to inject malicious co...

CVE-2021-47859

ActivIdentity 8.2 contains an unquoted service path vulnerability in the ac.sharedstore service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\Common Files\ActivIdentity\ to inject malicious executables and...

PT-2026-3821

Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRA Scheduler service that allows local users to potentially execute arbitrary code. Attackers can place a malicious executable named 'BRAdmin' in the C:Program Files x86Brother directory to gain local system...

CVE-2021-47807

Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious...