1079 matches found
CVE-2019-25305 JumpStart 0.6.0.0 - 'jswpbapi' Unquoted Service Path
JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions...
EUVD-2019-19408
JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions...
PT-2026-6744
JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions...
CVE-2019-25287
Adaware Web Companion version 4.8.2078.3950 contains an unquoted service path vulnerability in the WCAssistantService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Lavasoft\Web Companion\Application\ t...
NCP Secure Entry Client 代码问题漏洞
NCP Secure Entry Client is a remote client connection software developed by the German company NCP. Version 9.2 of NCP Secure Entry Client contains a code vulnerability. This vulnerability stems from service paths in multiple Windows services that are not enclosed in quotes. This could allow loca...
CVE-2019-25286
GCafé 3.0 is affected by an unquoted service path vulnerability in the gbClientService. The unquoted path in the service configuration enables local attackers to inject a malicious executable and have it run with LocalSystem permissions, effectively allowing local privilege escalation. Affected c...
CVE-2019-25276 Studio 5000 Logix Designer 30.01.00 - 'FactoryTalk Activation Service' Unquoted Service Path
Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Rockwell Software\FactoryTalk...
CVE-2019-25281
NCP Secure Entry Client 9.2 contains an unquoted service path vulnerability in multiple Windows services that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted paths in services like ncprwsnt, rwsrsu, ncpclcfg, and NcpSec to inject malicious code that...
CVE-2019-25281
CVE-2019-25281 concerns NCP Secure Entry Client 9.2. The issue is an unquoted service path vulnerability in multiple Windows services (e.g., ncprwsnt, rwsrsu, ncpclcfg, NcpSec) that can be exploited to inject and execute code with LocalSystem privileges during service startup. Exploitation is des...
CVE-2019-25271 NETGATE Data Backup 3.0.620 - 'NGDatBckpSrv' Unquoted Service Path
NETGATE Data Backup 3.0.620 contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific directory locations...
CVE-2019-25271 NETGATE Data Backup 3.0.620 - 'NGDatBckpSrv' Unquoted Service Path
NETGATE Data Backup 3.0.620 contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific directory locations...
CVE-2019-25269 Amiti Antivirus 25.0.640 - Unquoted Service Path Vulnerability
Amiti Antivirus 25.0.640 contains an unquoted service path vulnerability in its Windows service configurations. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges by placing executable files in specific directory locations...
CVE-2019-25269
Amiti Antivirus 25.0.640 contains an unquoted service path vulnerability in its Windows service configurations. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges by placing executable files in specific directory locations...
PT-2026-5814
Name of the Vulnerable Software and Affected Versions Adaware Web Companion version 4.8.2078.3950 Description Adaware Web Companion version 4.8.2078.3950 contains an unquoted service path vulnerability in the WCAssistantService. This allows local users to potentially execute code with elevated...
PT-2026-5804
Name of the Vulnerable Software and Affected Versions NETGATE Data Backup version 3.0.620 Description The software contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. This allows attackers to inject and execute malicious code with LocalSystem...
PT-2026-5809
Name of the Vulnerable Software and Affected Versions Studio 5000 Logix Designer version 30.01.00 Description Studio 5000 Logix Designer 30.01.00 has an unquoted service path issue within the FactoryTalk Activation Service. This allows local users to potentially run code with higher privileges. T...
CVE-2020-37098
Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with...
CVE-2020-37102 Adaware Web Companion 4.9.2159 - 'WCAssistantService' Unquoted Service Path
Adaware Web Companion 4.9.2159 contains an unquoted service path vulnerability in the WCAssistantService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges...
SUSE CVE-2026-1757
A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to fr...
PT-2026-5847
Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with...