CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/06/19 2:16 p.m.•7 views

EUVD-2022-56007

Malwarebytes 4.5 contains an unquoted service path vulnerability in the MBAMService executable that allows local attackers to escalate privileges by injecting malicious code into the system root path. Attackers can place executable files in unquoted path directories that execute with LocalSystem...

8.5CVSS6AI score0.00172EPSS

Exploits1References4

Cvelist•added 2026/06/19 2:16 p.m.•28 views

CVE-2020-37253 Winstep 18.06.0096 Unquoted Service Path Privilege Escalation

8.5CVSS0.00109EPSS

Exploits0References2

CVE•added 2026/06/19 2:16 p.m.•12 views

CVE-2020-37252

CVE-2020-37252 describes an unquoted service path vulnerability in Realtek Audio Service 1.0.0.55, specifically in RtkAudioService64.exe. The root cause is the unquoted service path, enabling local attackers to escalate privileges by placing a malicious executable in the unquoted directory, which...

8.5CVSS6.2AI score0.00121EPSS

Cvelist•added 2026/06/19 2:16 p.m.•27 views

CVE-2020-37252 Realtek Audio Service 1.0.0.55 Unquoted Service Path Privilege Escalation

Realtek Audio Service 1.0.0.55 contains an unquoted service path vulnerability in RtkAudioService64.exe that allows local attackers to escalate privileges by injecting malicious code. Attackers can place executable files in the unquoted service path directory to execute arbitrary code with...

8.5CVSS0.00121EPSS

Cvelist•added 2026/06/19 2:16 p.m.•29 views

CVE-2016-20095 Matrix42 Remote Control Host 3.20.0031 Unquoted Path Privilege Escalation

Matrix42 Remote Control Host 3.20.0031 contains an unquoted service path vulnerability in the FastViewerRemoteService and FastViewerRemoteProxy services that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can place a malicious executable in the Program Files...

8.5CVSS0.00119EPSS

CVE•added 2026/06/19 2:16 p.m.•12 views

CVE-2016-20095

The CVE-2016-20095 entry affects Matrix42 Remote Control Host 3.20.0031, due to an unquoted service path in the FastViewerRemoteService and FastViewerRemoteProxy. This allows local attackers to escalate privileges to SYSTEM by placing a crafted-named executable in the Program Files directory that...

8.5CVSS6.2AI score0.00119EPSS

CVE•added 2026/06/19 2:16 p.m.•11 views

CVE-2016-20091

CVE-2016-20091 affects Windows Firewall Control 4.8.6.0. The issue is an unquoted service path for the wfcs.exe service, enabling local attackers to escalate privileges by placing malicious executables in unquoted directories that are executed with LocalSystem privileges on service restart or sys...

8.5CVSS5.9AI score0.00113EPSS

ATTACKERKB•added 2026/06/19 2:16 p.m.•5 views

CVE-2016-20090

Comodo Dragon Browser versions up to 52.15.25.663 contain a privilege escalation vulnerability in the DragonUpdater service due to an unquoted service path running with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevat...

Cvelist•added 2026/06/19 2:16 p.m.•28 views

CVE-2016-20090 Comodo Dragon Browser 52.15.25.663 Privilege Escalation via Unquoted Service Path

8.5CVSS0.00122EPSS

CVE•added 2026/06/19 2:16 p.m.•11 views

CVE-2016-20090

CVE-2016-20090 affects Comodo Dragon Browser up to version 52.15.25.663. The issue is a privilege escalation in the DragonUpdater service caused by an unquoted service path that runs with SYSTEM privileges. A local attacker can drop a malicious executable in the service path and trigger code exec...

EUVD•added 2026/06/19 2:16 p.m.•6 views

EUVD-2016-10903

EUVD•added 2026/06/19 2:16 p.m.•8 views

EUVD-2016-10901

Comodo Chromodo Browser 52.15.25.664 contains an unquoted service path vulnerability in the ChromodoUpdater service that runs with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevated privileges upon service restart or...

CVE•added 2026/06/19 2:16 p.m.•11 views

CVE-2016-20088

The CVE refers to Comodo Chromodo Browser version 52.15.25.664 with an unquoted service path in the ChromodoUpdater service, which runs with SYSTEM privileges. This allows a local attacker to place a malicious executable in the service path and achieve arbitrary code execution with elevated privi...

ATTACKERKB•added 2026/06/19 2:16 p.m.•5 views

CVE-2016-20088

Positive Technologies•added 2026/06/19 12:0 a.m.•13 views

PT-2026-50914

Name of the Vulnerable Software and Affected Versions Network Inventory Advisor version 5.0.26.0 Description The niaservice service is installed with an unquoted binary path. This configuration allows local attackers to escalate privileges by placing malicious executables in intermediate...

Positive Technologies•added 2026/06/19 12:0 a.m.•12 views

Exploits0References6

PT-2026-50923

Name of the Vulnerable Software and Affected Versions AVAST Antivirus version 25.11 Description The SecureLine service contains an unquoted service path, which occurs when a service executable path contains spaces and is not enclosed in quotation marks. This allows local non-privileged users to...

8.5CVSS6AI score0.00127EPSS

Exploits0References6

Positive Technologies•added 2026/06/19 12:0 a.m.•12 views

PT-2026-50908

Name of the Vulnerable Software and Affected Versions Comodo Dragon Browser versions prior to 52.15.25.664 Description The DragonUpdater service contains a privilege escalation flaw caused by an unquoted service path that runs with SYSTEM privileges. A local attacker can exploit this by placing a...