3149 matches found
CVE-2026-7280
AVACAST developed by eMPIA Technology has a Unquoted Service Path vulnerability, allowing privileged local attackers to place a malicious executable file in a specific directory, resulting in arbitrary code execution with system privileges when the AVACAST service starts...
Improper Validation of Integrity Check Value
Overview sagemaker is an Open source library for training and deploying models on Amazon SageMaker. Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value in the Triton inference handler. An attacker can execute arbitrary code with the SageMaker execution...
Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path
Exploit Title: Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path Exploit Author: CENACIF-MX Discovery Date: 2025-12-04 Vendor Homepage: https://support.lenovo.com/es/es/solutions/legionspace Tested Version: 1.7.11.2 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft...
📄 Lenovo LegionSpace 1.7.11.2 Unquoted Service Path
Lenovo LegionSpace version 1.7.11.2 suffers from an unquoted service path vulnerability. Exploit Title: Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path Exploit Author: CENACIF-MX Discovery Date: 2025-12-04 Vendor Homepage: https://support.lenovo.com/es/es/solutions/legionspace...
CVE-2021-47974
VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute...
CVE-2020-37247
Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...
CVE-2020-37231
Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...
CVE-2020-37232
Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate privileges. Attackers can place malicious executables in the system root path that will be executed with LocalSyst...
CVE-2020-37229
OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unquoted path. Attackers can place a malicious executable in a directory within the service path that...
CVE-2020-37230
Syncplify.me Server! 5.0.37 contains an unquoted service path vulnerability in the SMWebRestServicev5 service that allows local attackers to escalate privileges by exploiting the unquoted binary path. Attackers can insert a malicious executable into the service path and execute it with LocalSyste...
EUVD-2021-34831
VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute...
CVE-2021-47974
VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute...
CVE-2021-47974
VX Search 13.5.28 contains an unquoted service path vulnerability affecting VX Search Server and VX Search Enterprise services. The root cause is unquoted paths such as C:\Program Files\VX Search, allowing local attackers to escalate privileges by placing a malicious executable in the unquoted di...
CVE-2021-47974 VX Search 13.5.28 Unquoted Service Path Privilege Escalation
VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute...
CVE-2021-47974 VX Search 13.5.28 Unquoted Service Path Privilege Escalation
VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute...
CVE-2020-37247
Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...
CVE-2020-37247 Kite 4.2.0.1 U1 Unquoted Service Path Privilege Escalation
Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...
CVE-2020-37247 Kite 4.2.0.1 U1 Unquoted Service Path Privilege Escalation
Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...
CVE-2020-37247
Kite 4.2.0.1 U1 is affected by an unquoted service path vulnerability in the KiteService Windows service. The underlying issue allows local attackers to escalate privileges to LocalSystem by placing a malicious executable in the Program Files directory, which is executed when the service starts. ...
CVE-2020-37232 Advanced System Care Service 13.0.0.157 Unquoted Service Path Privilege Escalation
Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate privileges. Attackers can place malicious executables in the system root path that will be executed with LocalSyst...