CVE-2020-37060 Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path

Atomic Alarm Clock 6.3 contains a local privilege escalation vulnerability in its service configuration that allows attackers to execute arbitrary code with SYSTEM privileges. Attackers can exploit the unquoted service path by placing a malicious executable named 'Program.exe' to gain persistent...

PT-2026-5421

Atomic Alarm Clock 6.3 contains a local privilege escalation vulnerability in its service configuration that allows attackers to execute arbitrary code with SYSTEM privileges. Attackers can exploit the unquoted service path by placing a malicious executable named 'Program.exe' to gain persistent...

CVE-2025-60320

memoQ 10.1.13.ef1b2b52aae and earlier contains an unquoted service path vulnerability in the memoQ Auto Update Service memoQauhlp101. The affected service is installed with a path containing spaces and without surrounding quotes. This misconfiguration allows local users to escalate privileges to...

EUVD-2025-36719

memoQ 10.1.13.ef1b2b52aae and earlier contains an unquoted service path vulnerability in the memoQ Auto Update Service memoQauhlp101. The affected service is installed with a path containing spaces and without surrounding quotes. This misconfiguration allows local users to escalate privileges to...

CVE-2025-60320

memoQ 10.1.13.ef1b2b52aae and earlier contains an unquoted service path vulnerability in the memoQ Auto Update Service memoQauhlp101. The affected service is installed with a path containing spaces and without surrounding quotes. This misconfiguration allows local users to escalate privileges to...

CVE-2024-31804

An unquoted service path vulnerability in Terratec DMX6Fire USB v.1.23.0.02 allows a local attacker to escalate privileges via the Program.exe component...

CVE-2024-31804

An unquoted service path vulnerability in Terratec DMX6Fire USB v.1.23.0.02 allows a local attacker to escalate privileges via the Program.exe component...

CVE-2022-37173

An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe...

Code injection

An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe...

CVE-2022-37173

An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe...

HP System Event Utility - Local Privilege Escalation

Exploit Title: HP System Event Utility - Local Privilege Escalation Author: hyp3rlinx Date: 2020-02-11 Vendor: www.hp.com Link: https://hp-system-event-utility.en.lo4d.com/download CVE: CVE-2019-18915 + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

NSClient++ Local Elevation of Privilege Vulnerability

NSClient++ is an open source host monitoring agent software. A security vulnerability exists in versions of NSClient++ prior to 0.4.1.73. The vulnerability can be exploited to execute arbitrary code with elevated privileges via a malicious program.exe executable file in the %SYSTEMDRIVE% folder...

Security feature bypass

Net Monitor for Employees Pro through 5.3.4 has an unquoted service path, which allows a Security Feature Bypass of its documented "Block applications" design goal. The local attacker must have privileges to write to program.exe in a protected directory, such as the %SYSTEMDRIVE% directory, and...

CVE-2006-0229

CVE-2006-0229 concerns the Wehntrust Windows utility, vulnerable due to an unquoted Windows search path. A local attacker could create a malicious C:\program.exe that is executed when Wehntrust creates its autostart entry, potentially allowing privilege escalation. The CVSS data indicates local, ...

CVE-2005-2939

VMware Workstation 5.0.0 build-13124 is affected by an unquoted Windows search path vulnerability that could let a local user gain privileges by placing a malicious C:\program.exe. Root cause: unquoted path in Windows search. Impact: local privilege escalation (consistency with CVSS 2.0 metrics)....

CVE-2005-2940

Unquoted Windows search path vulnerability in Microsoft Antispyware 1.0.509 Beta 1 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, involving the programs 1 GIANTAntiSpywareMain.exe, 2 gcASNotice.exe, 3 gcasServ.exe, 4 gcasSWUpdater.exe, or 5...