18 matches found
EUVD-2018-14261
Malware in sbrugna...
CVE-2024-23774
An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KSchedulerSvc.exe and AMPTools.exe components. This allows local attackers to execute code of their choice with NT Authority\SYSTEM privileges...
CVE-2022-4258
In multiple versions of HIMA PC based Software an unquoted Windows search path vulnerability might allow local users to gain privileges via a malicious .exe file and gain full access to the system...
Security Bulletin: IBM Cognos TM1 is affected by multiple vulnerabilities (CVE-2018-15494, CVE-2019-4245)
Summary Dojo Toolkit, used by IBM Cognos TM1, is vulnerable to cross-site scripting XSS . This issue has been addressed. A vulnerability exists where TM1 Server could allow a local user with specialized access to exploit an unquoted Windows search path vulnerability which could allow local users ...
Panda Global Protection <= 17.0.1 Multiple Vulnerabilities
Panda Global Protection is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
CVE-2016-6935
Adobe Creative Cloud Desktop on Windows is affected by CVE-2016-6935 due to an unquoted Windows search path in versions prior to 3.8.0.310, enabling local privilege escalation via a Trojan horse executable placed in the SYSTEMDRIVE root. The advisory APSB16-34 recommends updating to 3.8.0.310 to ...
Symantec Endpoint Encryption Unquoted Windows Search Path Vulnerability
Symantec Endpoint Encryption SEE is prone to unquoted windows search path vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE=...
Dell SonicWall NetExtender Privilege Escalation Vulnerability - Windows
Dell SonicWall NetExtender is prone to a privilege escalation vulnerability. This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2015-4173
Dell SonicWall NetExtender is affected by CVE-2015-4173, a local privilege-escalation due to an unquoted Windows search path in the autorun value. Affected as: NetExtender before 7.5.227 and 8.0.x before 8.0.238, used with SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv. Root cause: ...
CVE-2014-9646
Technical details for CVE-2014-9646 are not publicly provided in the connected documents. Monitor for updates.
PT-2014-6485
Name of the Vulnerable Software and Affected Versions PrivateTunnel versions prior to 3.0 OpenVPN Connect versions prior to 3.1 Description The issue allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder, due to an unquoted Windows search path...
CVE-2013-2151
CVE-2013-2151 affects Red Hat Enterprise Virtualization (RHEV) 3 and 3.2. The vulnerability is an unquoted Windows search path flaw in the rhev-guest-tools (Windows guest tools) and related agent/service, enabling local users to escalate privileges via a crafted executable located in an unquoted ...
CVE-2013-5011
CVE-2013-5011 is an unquoted Windows search path vulnerability affecting the Symantec Endpoint Protection (SEP) client. The issue exists in SEP 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 (and Small Business Edition 12.x before 12.1.2 RU2), where an unquoted path in the SYSTEMDRIVE root could...
CVE-2013-2176
CVE-2013-2176 is an unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) installed via rhev-guest-tools-iso (v3.2). The unquoted path could allow a local, unprivileged user to have a Trojan horse binary executed with SYSTEM p...
Symantec Enterprise Security Manager/Agent Privilege Escalation Vulnerability
Symantec Enterprise Security Manager/Agent is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2006-4315
CVE-2006-4315 describes an unquoted Windows search path vulnerability in multiple SSH Tectia products. Affects: SSH Tectia Client/Server/Connector 5.0.0 and 5.0.1, and Client/Server prior to 4.4.5; Manager 2.12 and earlier. Root cause: unquoted paths under Windows in the application startup chain...
CVE-2005-2938
CVE-2005-2938 affects Apple iTunes for Windows (iTunesHelper.exe) prior to iTunes 6. The vulnerability is an unquoted Windows search path in iTunesHelper.exe, which could allow a local user to gain privileges by placing a malicious C:\program.exe. Affected versions include iTunes 4.7.1.30 and iTu...
CVE-2005-2940
CVE-2005-2940 describes an unquoted Windows search path vulnerability in Microsoft Antispyware 1.0.509 (Beta 1). Local users could gain privileges by placing a malicious file named program.exe in the C: drive, which could be executed by one of several Antispyware components: GIANTAntiSpywareMain....