CVE-2021-47807

Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious...

CVE-2021-47810

WibuKey Runtime 6.51 contains an unquoted service path vulnerability in the WkSvW32.exe service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\PROGRAM FILES X86\WIBUKEY\SERVER\WkSvW32.exe' to inject malicious executables and...

CVE-2021-47807 Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path

Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious...

CVE-2021-47807

Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious...

CVE-2021-47807

CVE-2021-47807 affects Sync Breeze 13.6.18, where an unquoted Windows service path in the program files directory allows a local attacker to inject a malicious executable and escalate privileges. The vulnerability stems from the unquoted service path in the service configuration, enabling local e...

CVE-2020-36930

The CVE-2020-36930 vulnerability affects SysGauge Server 7.9.18, caused by an unquoted service path in the binary path configuration (C:\Program Files\SysGauge Server\bin\sysgaus.exe). Local attackers could exploit this to inject malicious executables and escalate privileges. Exploitation details...

CVE-2020-36928

Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBAAgentClient service running with LocalSystem privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions...

PT-2026-3177

Name of the Vulnerable Software and Affected Versions Sync Breeze version 13.6.18 Description Sync Breeze version 13.6.18 contains a security issue due to an unquoted service path in its Windows service configuration. This allows local attackers to potentially execute arbitrary code. The issue...

CVE-2022-50901

Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\Wondershare\Wondershare Dr.Fone\ to inject malicious executables that woul...

CVE-2022-50902

The CVE-2022-50902 entry concerns Wondershare FamiSafe 1.0, where the FSService has an unquoted service path at C:\Program Files (x86)\Wondershare\FamiSafe, enabling local users to potentially execute code with LocalSystem privileges during service startup. Connected documents confirm the affecte...

PT-2026-2361

Name of the Vulnerable Software and Affected Versions Splashtop version 8.71.12001.0 Description The software contains an unquoted service path vulnerability within the Splashtop Software Updater Service. This allows local attackers to potentially execute arbitrary code. The vulnerability exists...

CVE-2023-31468

An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 Runtime RT7.3 RC3 20221209.5. The "%PROGRAMFILESX86%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version...

CVE-2023-53954

ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to...

CVE-2023-53954 ActFax 10.10 Unquoted Path Services Privilege Escalation Vulnerability

ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to...

EUVD-2025-204605

ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to...

CVE-2023-53954 ActFax 10.10 Unquoted Path Services Privilege Escalation Vulnerability

ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to...

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW National Instruments LabVIEW version 2025 Q3 and earlier versions, which originates from a post-release reuse when parsing a corrupted VI...

EUVD-2019-13203

Malware in sbrugna...

EUVD-2025-21906

Malicious code in bioql PyPI...

EUVD-2025-18922

Malicious code in bioql PyPI...