Lucene search
K

555 matches found

NVD
NVD
added 2026/06/18 8:16 p.m.14 views

CVE-2026-25865

Punto Switcher through 4.5.0.583 contains an unquoted search path element vulnerability that allows local attackers to execute arbitrary code by exploiting the application's call to WinExec without a fully qualified path for RunDll32.exe when invoking shell32.dll ControlRunDLL input.dll. Attacker...

8.5CVSS0.00149EPSS
Exploits0References3
CVE
CVE
added 2026/06/18 7:39 p.m.21 views

CVE-2026-25865

CVE-2026-25865 affects Punto Switcher 4.5.0.583. The vulnerability is an unquoted search path element invoked via WinExec when calling RunDll32.exe for shell32.dll Control_RunDLL input.dll, enabling local arbitrary code execution if an attacker places a malicious executable earlier in the search ...

8.5CVSS6.3AI score0.00149EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/18 7:39 p.m.11 views

EUVD-2026-37940

Punto Switcher through 4.5.0.583 contains an unquoted search path element vulnerability that allows local attackers to execute arbitrary code by exploiting the application's call to WinExec without a fully qualified path for RunDll32.exe when invoking shell32.dll ControlRunDLL input.dll. Attacker...

8.5CVSS6.3AI score0.00149EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/18 7:39 p.m.7 views

CVE-2026-25865

Punto Switcher through 4.5.0.583 contains an unquoted search path element vulnerability that allows local attackers to execute arbitrary code by exploiting the application's call to WinExec without a fully qualified path for RunDll32.exe when invoking shell32.dll ControlRunDLL input.dll. Attacker...

8.5CVSS6.3AI score0.00149EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-5789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privilege...

8.5CVSS6.4AI score0.00139EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/23 1:29 a.m.7 views

SUSE CVE-2026-5789

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:\Program...

8.5CVSS6.1AI score0.00139EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/21 6:16 p.m.6 views

CVE-2026-5789

A flaw was found in CivetWeb. This vulnerability, related to an unquoted search path, allows a local attacker to execute arbitrary code with elevated privileges. By placing a malicious executable in a directory that is scanned before the legitimate CivetWeb application path, an attacker can explo...

8.5CVSS6.1AI score0.00139EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/21 3:32 p.m.7 views

EUVD-2026-24138

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:\Program...

8.5CVSS6.1AI score0.00139EPSS
Exploits0References2
NVD
NVD
added 2026/04/21 3:16 p.m.8 views

CVE-2026-5789

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:\Program...

8.5CVSS0.00139EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/21 3:16 p.m.6 views

CVE-2026-5789

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:\Program...

8.5CVSS6.2AI score0.00139EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/21 2:22 p.m.7 views

CVE-2026-5789

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:\Program...

8.5CVSS5.9AI score0.00139EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/21 2:22 p.m.7 views

CVE-2026-5789 Search path without quotes in CivetWeb

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:\Program...

8.5CVSS6.1AI score0.00139EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/21 2:22 p.m.7 views

CVE-2026-5789

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:\Program...

8.5CVSS6.1AI score0.00139EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/21 2:22 p.m.39 views

CVE-2026-5789 Search path without quotes in CivetWeb

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:\Program...

8.5CVSS0.00139EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.12 views

PT-2026-33989

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:Program FilesCivetWebCivetWeb.e...

8.5CVSS6.1AI score0.00139EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2026/04/10 12:0 a.m.101 views

NetBT e-Fatura - Privilege Escalation

Exploit Title: NetBT e-Fatura - Privilege Escalation Author: Seccops Discovery Date: 2025-10-03 Vendor: https://net-bt.com.tr/e-fatura/ Tested Version: 2024 Tested on OS: Microsoft Windows Server 2019 DC Vulnerability Type: CWE-428 Unquoted Search Path or Element CVE: CVE-2025-14018 Note: Thanks...

7.3CVSS5.8AI score0.00414EPSS
Exploits3
Snyk
Snyk
added 2026/04/03 2:38 a.m.2 views

Unquoted Search Path or Element

Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Unquoted Search Path or Element in the app.setLoginItemSettings function on Windows when the executable pat...

7.8CVSS6.1AI score0.0013EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 2:38 a.m.13 views

Unquoted Search Path or Element

Overview electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Unquoted Search Path or Element in the app.setLoginItemSettings function on Windows when the executable path is written to...

7.8CVSS6.1AI score0.0013EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/16 3:30 p.m.7 views

EUVD-2017-18930

Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users...

8.5CVSS6.2AI score0.00141EPSS
Exploits1References8
NVD
NVD
added 2026/03/16 2:17 p.m.10 views

CVE-2017-20218

Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users...

8.5CVSS0.00141EPSS
Exploits1References7
Rows per page
Query Builder