CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/05/25 2:15 p.m.•4 views

CVE-2018-25359 Splinterware System Scheduler Pro 5.12 Privilege Escalation

Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a malicious...

8.6CVSS5.8AI score0.00015EPSS

Positive Technologies•added 2026/05/25 12:0 a.m.•5 views

PT-2026-43212

8.6CVSS5.8AI score0.00015EPSS

NVD•added 2026/05/16 4:16 p.m.•4 views

CVE-2020-37231

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

8.5CVSS0.00014EPSS

NVD•added 2026/05/16 4:16 p.m.•3 views

CVE-2020-37232

Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate privileges. Attackers can place malicious executables in the system root path that will be executed with LocalSyst...

NVD•added 2026/05/16 4:16 p.m.•3 views

CVE-2020-37230

Syncplify.me Server! 5.0.37 contains an unquoted service path vulnerability in the SMWebRestServicev5 service that allows local attackers to escalate privileges by exploiting the unquoted binary path. Attackers can insert a malicious executable into the service path and execute it with LocalSyste...

ATTACKERKB•added 2026/05/16 3:26 p.m.•3 views

CVE-2021-47974

VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute...

8.5CVSS6.2AI score0.00013EPSS

Exploits0References3Affected Software1

CVE•added 2026/05/16 3:26 p.m.•5 views

CVE-2021-47974

VX Search 13.5.28 contains an unquoted service path vulnerability affecting VX Search Server and VX Search Enterprise services. The root cause is unquoted paths such as C:\Program Files\VX Search, allowing local attackers to escalate privileges by placing a malicious executable in the unquoted di...

8.5CVSS6.2AI score0.00013EPSS

Cvelist•added 2026/05/16 3:26 p.m.•29 views

CVE-2021-47974 VX Search 13.5.28 Unquoted Service Path Privilege Escalation

Vulnrichment•added 2026/05/16 3:26 p.m.•1 views

CVE-2020-37247 Kite 4.2.0.1 U1 Unquoted Service Path Privilege Escalation

Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...

8.5CVSS5.8AI score0.00013EPSS

EUVD•added 2026/05/16 3:25 p.m.•2 views

EUVD-2020-31232

Cvelist•added 2026/05/16 3:25 p.m.•28 views

CVE-2020-37230 Syncplify.me Server! 5.0.37 Unquoted Service Path Privilege Escalation

EUVD•added 2026/05/16 3:25 p.m.•3 views

EUVD-2020-31231

8.5CVSS5.9AI score0.00013EPSS

CVE•added 2026/05/16 3:25 p.m.•6 views

CVE-2020-37231

CVE-2020-37231 affects Privacy Drive 3.17.0 and is due to an unquoted service path in the pdsvc.exe service binary. This enables local privilege escalation to LocalSystem during service startup or system reboot by placing a malicious executable in the unquoted path directory. Metrics indicate a h...

ATTACKERKB•added 2026/05/16 3:25 p.m.•2 views

CVE-2020-37231

CVE•added 2026/05/16 3:25 p.m.•6 views

CVE-2020-37230

Syncplify.me Server! 5.0.37 is affected by an unquoted service path vulnerability in the SMWebRestServicev5 service, enabling local privilege escalation. An attacker can place a malicious executable in the unquoted binary path, which will run with LocalSystem privileges when the service restarts ...

8.5CVSS5.9AI score0.00013EPSS

Vulnrichment•added 2026/05/16 3:25 p.m.•1 views

CVE-2020-37231 Privacy Drive 3.17.0 Unquoted Service Path Privilege Escalation

CVE•added 2026/05/16 3:25 p.m.•7 views

CVE-2020-37229

OKI sPSV Port Manager 1.0.41 is affected by an unquoted service path vulnerability in the sPSVOpLclSrv service. The root cause is an unquoted path which allows local attackers to insert a malicious executable in the service’s directory; when the service restarts or the system reboots, the payload...

8.5CVSS5.8AI score0.00013EPSS

Vulnrichment•added 2026/05/16 3:25 p.m.•2 views

CVE-2020-37229 OKI sPSV Port Manager 1.0.41 Unquoted Service Path Privilege Escalation

OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unquoted path. Attackers can place a malicious executable in a directory within the service path that...

8.5CVSS5.8AI score0.00013EPSS