CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/01/28 12:29 p.m.•3 views

CVE-2020-36987

8.5CVSS6.1AI score0.00007EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/01/28 12:28 p.m.•28 views

CVE-2020-36984 EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path

EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files x86\EPSONP2B\Printer Software\Status Monitor\ to inject malicious executables...

8.5CVSS0.00007EPSS

Positive Technologies•added 2026/01/28 12:0 a.m.•6 views

PT-2026-5110

EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:Program Files x86EPSON P2BPrinter SoftwareStatus Monitor to inject malicious executables that...

8.5CVSS6.1AI score0.00007EPSS

NVD•added 2026/01/27 7:16 p.m.•3 views

CVE-2020-36981

Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in ForwardDaemon.exe to inject malicious code that will execute with elevated system privileges...

NVD•added 2026/01/27 7:16 p.m.•3 views

CVE-2020-36974

Realtek Andrea RT Filters 1.0.64.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in 'C:\Program Files\IDT\WDM\AESTSr64.exe' to inject malicious code that would...

Cvelist•added 2026/01/27 6:51 p.m.•17 views

CVE-2020-36981 Motorola Device Manager 2.4.5 - 'ForwardDaemon.exe ' Unquoted Service Path

Vulnrichment•added 2026/01/27 6:51 p.m.•2 views

CVE-2020-36982 Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path

Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the MotoHelperService.exe service that allows local users to potentially inject malicious code. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with elevated system...

8.5CVSS6.2AI score0.00008EPSS

CVE•added 2026/01/27 6:51 p.m.•9 views

CVE-2020-36981

Summary: CVE-2020-36981 affects Motorola Device Manager 2.4.5, which is vulnerable to an unquoted service path in the PST Service. The flaw allows local attackers to potentially execute arbitrary code by abusing the unquoted path in ForwardDaemon.exe during service startup, yielding elevated priv...

8.5CVSS6.1AI score0.00008EPSS

Cvelist•added 2026/01/27 6:51 p.m.•20 views

CVE-2020-36975 EPSON Status Monitor 3 'EPSON_PM_RPCV4_06' - Unquoted Service Path

EPSON Status Monitor 3 version 8.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can leverage the unquoted path in 'C:\Program Files\Common Files\EPSON\EPW!3SSRP\ES60RPB.EXE' to...

Vulnrichment•added 2026/01/27 6:51 p.m.•3 views

CVE-2020-36974 Realtek Andrea RT Filters 1.0.64.7 - 'AERTSr64.EXE' Unquoted Service Path

8.5CVSS6.2AI score0.00008EPSS

NVD•added 2026/01/27 4:16 p.m.•3 views

CVE-2020-36938

WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory...

8.8CVSS0.00041EPSS

RedhatCVE•added 2026/01/27 3:23 p.m.•1 views

CVE-2025-59094

A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application d9sysdef.exe. Within this application it is possible to specify an arbitrary executable as well as the weekday and start time, when the specified executable should be run with SYSTEM...

8.4CVSS5.8AI score0.00021EPSS

Exploits0References1

Positive Technologies•added 2026/01/27 12:0 a.m.•2 views

PT-2026-5000

Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious executable, enabling...

8.5CVSS5.9AI score0.00008EPSS

Exploits0References5

Positive Technologies•added 2026/01/27 12:0 a.m.•2 views

PT-2026-4920

8.8CVSS5.9AI score0.00041EPSS

Positive Technologies•added 2026/01/27 12:0 a.m.•2 views

PT-2026-5004

8.5CVSS6.1AI score0.00008EPSS

Exploits0References5

EUVD•added 2026/01/26 9:53 p.m.•3 views

EUVD-2026-4656

pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's bin linking allows malicious npm packages to create executable shims or symlinks outside of nodemodules/.bin. Bin names starting with @ bypass validation, and after scope normalization, path traversal...

6.5CVSS5.9AI score0.0002EPSS

Exploits1References3

ATTACKERKB•added 2026/01/26 9:53 p.m.•2 views

CVE-2026-23890

6.5CVSS5.9AI score0.0002EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2026/01/26 9:53 p.m.•1 views

CVE-2026-23890 pnpm scoped bin name Path Traversal allows arbitrary file creation outside node_modules/.bin

6.5CVSS5.9AI score0.0002EPSS

Exploits1References3

NVD•added 2026/01/26 6:16 p.m.•4 views

CVE-2020-36957

PDF Complete 3.5.310.2002 contains an unquoted service path vulnerability in its pdfsvc.exe service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges...

8.5CVSS0.00022EPSS