Lucene search
K

1079 matches found

RedhatCVE
RedhatCVE
added 2026/06/08 6:43 p.m.10 views

CVE-2026-11487

A flaw was found in Neovim. A local user could exploit this vulnerability by manipulating the argument path in the M.read function within the runtime/lua/vim/secure.lua file. This can lead to command injection, allowing the attacker to execute arbitrary commands on the local system...

5.3CVSS5.8AI score0.00923EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2026/06/01 12:0 a.m.115 views

📄 MATLAB R2024a Arbitrary Local System Information Disclosure

This proof of concept tool demonstrates arbitrary local system information disclosure via MATLAB using system/fileread primitives. ================================================================================================================================== | Title : MATLAB R2024a Full...

5.9AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/25 2:15 p.m.10 views

CVE-2018-25359 Splinterware System Scheduler Pro 5.12 Privilege Escalation

Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a malicious...

8.6CVSS5.8AI score0.00159EPSS
Exploits0References3
CVE
CVE
added 2026/05/25 2:15 p.m.23 views

CVE-2018-25359

CVE-2018-25359 affects Splinterware System Scheduler Pro 5.12. The issue is insecure file permissions enabling low-privilege users to replace the service executable (WService.exe) in the installation directory, causing a malicious binary to run with LocalSystem privileges when the service starts....

8.6CVSS5.8AI score0.00159EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.12 views

PT-2026-43212

Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a malicious...

8.6CVSS5.8AI score0.00159EPSS
Exploits0References4
NVD
NVD
added 2026/05/16 4:16 p.m.12 views

CVE-2020-37231

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

8.5CVSS0.0012EPSS
Exploits0References4
NVD
NVD
added 2026/05/16 4:16 p.m.14 views

CVE-2020-37232

Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate privileges. Attackers can place malicious executables in the system root path that will be executed with LocalSyst...

8.5CVSS0.00116EPSS
Exploits0References4
NVD
NVD
added 2026/05/16 4:16 p.m.12 views

CVE-2020-37230

Syncplify.me Server! 5.0.37 contains an unquoted service path vulnerability in the SMWebRestServicev5 service that allows local attackers to escalate privileges by exploiting the unquoted binary path. Attackers can insert a malicious executable into the service path and execute it with LocalSyste...

8.5CVSS0.00114EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/16 3:26 p.m.9 views

CVE-2021-47974

VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute...

8.5CVSS6.2AI score0.00121EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/16 3:26 p.m.109 views

CVE-2021-47974 VX Search 13.5.28 Unquoted Service Path Privilege Escalation

VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute...

8.5CVSS0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/05/16 3:26 p.m.14 views

CVE-2021-47974

VX Search 13.5.28 contains an unquoted service path vulnerability affecting VX Search Server and VX Search Enterprise services. The root cause is unquoted paths such as C:\Program Files\VX Search, allowing local attackers to escalate privileges by placing a malicious executable in the unquoted di...

8.5CVSS6.2AI score0.00121EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/16 3:26 p.m.8 views

CVE-2020-37247 Kite 4.2.0.1 U1 Unquoted Service Path Privilege Escalation

Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...

8.5CVSS5.8AI score0.00115EPSS
Exploits0References3
CVE
CVE
added 2026/05/16 3:25 p.m.15 views

CVE-2020-37231

CVE-2020-37231 affects Privacy Drive 3.17.0 and is due to an unquoted service path in the pdsvc.exe service binary. This enables local privilege escalation to LocalSystem during service startup or system reboot by placing a malicious executable in the unquoted path directory. Metrics indicate a h...

8.5CVSS6.2AI score0.0012EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/16 3:25 p.m.36 views

CVE-2020-37230 Syncplify.me Server! 5.0.37 Unquoted Service Path Privilege Escalation

Syncplify.me Server! 5.0.37 contains an unquoted service path vulnerability in the SMWebRestServicev5 service that allows local attackers to escalate privileges by exploiting the unquoted binary path. Attackers can insert a malicious executable into the service path and execute it with LocalSyste...

8.5CVSS0.00114EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/16 3:25 p.m.9 views

EUVD-2020-31231

Syncplify.me Server! 5.0.37 contains an unquoted service path vulnerability in the SMWebRestServicev5 service that allows local attackers to escalate privileges by exploiting the unquoted binary path. Attackers can insert a malicious executable into the service path and execute it with LocalSyste...

8.5CVSS5.9AI score0.00114EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/16 3:25 p.m.9 views

CVE-2020-37231 Privacy Drive 3.17.0 Unquoted Service Path Privilege Escalation

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

8.5CVSS6.2AI score0.0012EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/16 3:25 p.m.10 views

EUVD-2020-31232

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

8.5CVSS6.2AI score0.0012EPSS
Exploits0References4
CVE
CVE
added 2026/05/16 3:25 p.m.15 views

CVE-2020-37230

Syncplify.me Server! 5.0.37 is affected by an unquoted service path vulnerability in the SMWebRestServicev5 service, enabling local privilege escalation. An attacker can place a malicious executable in the unquoted binary path, which will run with LocalSystem privileges when the service restarts ...

8.5CVSS5.9AI score0.00114EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/16 3:25 p.m.7 views

CVE-2020-37231

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

8.5CVSS6.2AI score0.0012EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/16 3:25 p.m.9 views

CVE-2020-37229 OKI sPSV Port Manager 1.0.41 Unquoted Service Path Privilege Escalation

OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unquoted path. Attackers can place a malicious executable in a directory within the service path that...

8.5CVSS5.8AI score0.00114EPSS
Exploits0References4
Rows per page
Query Builder