16 matches found
CVE-2026-24466
Products provided by Oki Electric Industry Co., Ltd. and its OEM products Ricoh Co., Ltd., Murata Machinery, Ltd. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2026-24466
Products provided by Oki Electric Industry Co., Ltd. and its OEM products Ricoh Co., Ltd., Murata Machinery, Ltd. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2025-66271
Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2025-66271
Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
PT-2025-49825
Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2025-62225
Optical Disc Archive Software provided by Sony Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2025-64151
Multiple Roboticsware products provided by Roboticsware PTE. LTD. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2025-64151
CVE-2025-64151 affects multiple Roboticsware products (Roboticsware PTE. LTD.) where Windows services are registered with unquoted file paths. This leads to a local privilege escalation: a user with write access to the system drive root can trigger arbitrary code execution with SYSTEM privileges....
PT-2025-45084
Name of the Vulnerable Software and Affected Versions Sony Optical Disc Archive Software affected versions not specified Description The Optical Disc Archive Software from Sony Corporation registers a Windows service with an unquoted file path. A user possessing write permissions to the system...
CVE-2025-61865
Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2025-61871
NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2025-61871
NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...
CVE-2025-59307
CVE-2025-59307 concerns Century Corporation’s RAID Manager. It is caused by an unquoted Windows service path, allowing a user with write access to the system drive root to execute arbitrary code with SYSTEM privileges. Affected product: RAID Manager. Root cause (CWE-428): unquoted service path. I...
CVE-2025-58400
CVE-2025-58400 affects RATOC RAID Monitoring Manager for Windows by RATOC Systems, Inc. The root cause is an unquoted Windows service path, enabling a user with write access to the system drive root directory to run arbitrary code with SYSTEM privileges. Affected products include RATOC RAID Monit...
CVE-2025-57699
Western Digital Kitfox for Windows provided by Western Digital Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with the SYSTEM privilege...
freerdp: out-of-bounds read in irp functions
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions parallelprocessirpcreate, serialprocessirpcreate, driveprocessirpwrite, printerprocessirpwrite, rdpeirecvpdu, serialprocessirpwrite. This has been fixed in 2.1.0...