Lucene search
+L

2602 matches found

Cvelist
Cvelist
added 2026/01/30 4:16 p.m.31 views

CVE-2020-37058 Andrea ST Filters Service 1.0.64.7 - Unquoted service path

Andrea ST Filters Service 1.0.64.7 contains an unquoted service path vulnerability in its Windows service configuration. Local attackers can exploit the unquoted path to inject malicious code that will execute with elevated LocalSystem privileges during service startup...

8.5CVSS0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/01/29 3:16 p.m.8 views

CVE-2020-37017

CodeMeter 6.60 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CodeMeter Runtime Server service to inject malicious code that would execute with...

8.5CVSS0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/01/28 6:16 p.m.10 views

CVE-2025-57795

Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service component. In default configurations, this flaw can be leveraged to achieve remote code execution...

9.9CVSS6.1AI score0.00538EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/27 6:51 p.m.3 views

CVE-2020-36979 Atheros Coex Service Application 8.0.0.255 -'ZAtheros Bt&Wlan Coex Agent' Unquoted Service Path

Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executables in the service path to gain elevated system privileges during service startup...

8.5CVSS5.9AI score0.00171EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/25 2:1 p.m.5 views

EUVD-2026-4636

Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with elevated LocalSystem...

8.5CVSS5.9AI score0.00119EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/01/25 2:1 p.m.3 views

CVE-2020-36936 Magic Mouse 2 utilities 2.20 - 'magicmouse2service' Unquoted Service Path

Magic Mouse 2 Utilities 2.20 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to inject malicious executables and gain elevated system privileges by placing a malicious file in the service path...

8.5CVSS5.9AI score0.00119EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.6 views

PT-2026-4514

Name of the Vulnerable Software and Affected Versions Epson USB Display version 1.6.0.0 Description The software contains an unquoted service path vulnerability within the EMP UDSA service, which operates with LocalSystem privileges. This allows attackers to potentially gain elevated system acces...

8.5CVSS5.3AI score0.00121EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/21 5:27 p.m.6 views

EUVD-2026-3612

Hi-Rez Studios 5.1.6.3 contains an unquoted service path vulnerability in the HiPatchService that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem...

8.5CVSS5.7AI score0.00127EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.6 views

PT-2026-3836

Pingzapper 2.3.1 contains an unquoted service path vulnerability in the PingzapperSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:Program Files x86PingzapperPZService.exe' to inject malicious executables and escalate...

8.5CVSS5.9AI score0.00129EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/21 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-10569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed...

6.5CVSS5.7AI score0.00479EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.7 views

Oracle Hyperion security vulnerabilities

Oracle Hyperion is a financial modeling application developed by Oracle Corporation in the United States. This software provides functions such as financial settlement and report generation. A security vulnerability exists in the Oracle Planning and Budgeting Cloud Service version 25.04.07 of...

4.2CVSS7.1AI score0.00115EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.8 views

PT-2026-3672

Name of the Vulnerable Software and Affected Versions Oracle Planning and Budgeting Cloud Service versions 25.04.07 Description A flaw exists in the Oracle Planning and Budgeting Cloud Service, specifically within the EPM Agent component. A highly privileged attacker with access to the system can...

4.2CVSS7.3AI score0.00128EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : python-setuptools-39.2.0-6.el8.1 (AXSA:2023-5166:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5166:01 advisory. pypa-setuptools: Regular Expression Denial of Service ReDoS in packageindex.py CVE-2022-40897 Tenable has extracted the preceding description block directly...

5.9CVSS7.4AI score0.02617EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.2 views

MiracleLinux 7 : ntp-4.2.6p5-25.1.0.1.el7.AXS7 (AXSA:2017-1296:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1296:01 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which...

7.5CVSS5.8AI score0.12466EPSS
Exploits2References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/16 9:28 a.m.12 views

Security Bulletin: Remediation of Multiple Apache Struts 1.3.10 Vulnerabilities in IBM Library Support for Struts

Summary Multiple EOL Apache Struts 1.3.10 Vulnerabilities have been addressed in IBM Library Support for Struts Vulnerability Details CVEID:CVE-2025-54656 DESCRIPTION: UNSUPPORTED WHEN ASSIGNED Improper Output Neutralization for Logs vulnerability in Apache Struts. This issue affects Apache Strut...

8.8CVSS8.1AI score0.96121EPSS
Exploits8Affected Software1
CVE
CVE
added 2026/01/15 11:25 p.m.20 views

CVE-2021-47809

Disk Sorter Enterprise 13.6.12 is affected by an unquoted service path vulnerability in its Windows service configuration. The issue arises from the unquoted path 'C:\Program Files\Disk Sorter Enterprise\bin\disksrs.exe', which could allow a local attacker to inject a malicious executable and esc...

8.5CVSS7AI score0.00209EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/01/13 7:36 p.m.26 views

CVE-2026-22809 tarteaucitron.js has Regular Expression Denial of Service (ReDoS) vulnerability

tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.29.0, a Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. This vulnerability is fixed in 1.29.0...

4.4CVSS0.00107EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/13 5:56 p.m.3 views

CVE-2026-20875

Null pointer dereference in Windows Local Security Authority Subsystem Service LSASS allows an unauthorized attacker to deny service over a network...

7.5CVSS5.4AI score0.01532EPSS
Exploits0References2Affected Software24
Vulnrichment
Vulnrichment
added 2026/01/13 5:56 p.m.2 views

CVE-2026-20835 Capability Access Management Service (camsvc) Information Disclosure Vulnerability

...

5.5CVSS6.6AI score0.00535EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/13 5:56 p.m.23 views

CVE-2026-20835 Capability Access Management Service (camsvc) Information Disclosure Vulnerability

...

5.5CVSS0.00535EPSS
Exploits0References1
Rows per page
Query Builder