4328 matches found
CVE-2020-37099 Disk Savvy Enterprise 12.3.18 - 'disksvs.exe' Unquoted Service Path
Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe' to inject malicious...
EUVD-2020-30977
Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe' to inject malicious...
CVE-2020-37098 Disk Sorter Enterprise 12.4.16 - Unquoted Service Path
Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with...
Adaware Web Companion 代码问题漏洞
Adaware Web Companion is a security tool developed by Adaware Corporation. Version 4.9.2159 of Adaware Web Companion contains a code vulnerability. This vulnerability stems from the lack of quotation marks around the WCAssistantService service path, which may allow local attackers to execute...
Multiple Microsoft Office products vulnerable to untrusted search path
Overview Multiple Microsoft Office products contain the following vulnerability. Untrusted search path CWE-426, - CVE-2026-20943 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warni...
PT-2026-5742
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.1.29 Description OpenClaw is a personal AI assistant with an OS command injection issue. The sshNodeCommand function improperly escapes user-supplied project paths, leading to potential arbitrary command executi...
Linux Distros Unpatched Vulnerability : CVE-2025-4084
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to insufficient escaping of the special characters in the copy as cURL feature, an attacker could trick a user into using this command, potentially leading ...
CVE-2020-37064 EPSON EasyMP Network Projection 2.81 - 'EMP_NSWLSV' Unquoted Service Path
EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMPNSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\EPSON Projector\EasyMP Network Projection V2\ to inject...
EUVD-2020-30965
EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMPNSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\EPSON Projector\EasyMP Network Projection V2\ to inject...
CVE-2020-37064
CVE-2020-37064 affects EPSON EasyMP Network Projection 2.81. The unquoted service path vulnerability resides in the EMP_NSWLSV service and allows local users to potentially execute arbitrary code by injecting through C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2, executing w...
EUVD-2020-30967
DHCP Turbo 4.61298 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can place malicious executables in the service path to gain elevated privileges when the service starts...
CVE-2020-37062
DHCP Turbo 4.61298 contains an unquoted service path vulnerability that permits local attackers to potentially execute arbitrary code by placing a malicious executable in the service path; exploitation is LOCAL with LOW complexity and requires LOW privileges, leading to elevated privileges when t...
CVE-2020-37061
BOOTP Turbo 2.0.1214 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted executable path to inject malicious code that will be executed when the service starts with...
CVE-2020-37061
CVE-2020-37061 affects BOOTP Turbo 2.0.1214 and describes an unquoted service path vulnerability that can allow a local attacker to potentially execute arbitrary code with elevated system privileges. The vulnerability is triggered when the service starts with LocalSystem permissions, via an unquo...
Iskysoft Application Framework Service 代码问题漏洞
Iskysoft Application Framework Service is a backend core basic service component provided by Iskysoft Corporation in the United States. Version 2.4.3.241 of Iskysoft Application Framework Service contains a code vulnerability. This vulnerability arises from the lack of quotation marks around...
Weird Solutions TFTP Turbo 代码问题漏洞
Weird Solutions TFTP Turbo is a TFTP server software developed by Weird Solutions Corporation. The version 4.6.1273 of Weird Solutions TFTP Turbo contains a code vulnerability. This vulnerability stems from paths that lack quotation marks in the service configuration, which may allow local...
Weird Solutions BOOTP Turbo 代码问题漏洞
Weird Solutions BOOTP Turbo is a BOOTP and DHCP server software developed by Weird Solutions. Version 2.0.1214 of Weird Solutions BOOTP Turbo contains a code vulnerability caused by an unquoted service path. This vulnerability could allow local attackers to execute arbitrary code and gain system...
PT-2026-5578
Iskysoft Application Framework Service 2.4.3.241 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that would ...
Weird Solutions DHCP Turbo 代码问题漏洞
Weird Solutions DHCP Turbo is a DHCP server software developed by Weird Solutions Corporation. Version 4.61298 of Weird Solutions DHCP Turbo contains a code vulnerability caused by an unquoted service path. This vulnerability could allow local attackers to execute arbitrary code and gain elevated...
EUVD-2020-30951
Port Forwarding Wizard 4.8.0 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code through a long request in the Register feature. Attackers can craft a malicious payload with an egg tag and overwrite SEH handlers to potentially execute shellcode on...