CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

142 matches found

EUVD•added 2026/03/25 6:30 a.m.•2 views

EUVD-2026-15192

SANUPS SOFTWARE provided by SANYO DENKI CO., LTD. registers Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

8.4CVSS6.2AI score0.00007EPSS

Exploits0References4

NVD•added 2026/03/25 6:16 a.m.•1 views

CVE-2026-33253

8.4CVSS0.00007EPSS

Exploits0References3

Vulnrichment•added 2026/03/25 5:11 a.m.•1 views

CVE-2026-33253

8.4CVSS7AI score0.00007EPSS

Exploits0References3

CVE•added 2026/03/25 5:11 a.m.•9 views

CVE-2026-33253

SANUPS SOFTWARE (SANYO DENKI CO., LTD.) exposes a Windows service registration with an unquoted executable path. According to the description, a user with write access to the system drive root can trigger arbitrary code execution with SYSTEM privileges via a local privilege escalation. The connec...

8.4CVSS6.2AI score0.00007EPSS

Exploits0References3

CNNVD•added 2026/03/16 12:0 a.m.•2 views

Serviio PRO 代码问题漏洞

Serviio PRO is a multimedia streaming server software developed by the British company Serviio. Version 1.8 of Serviio PRO contains a code vulnerability. This vulnerability stems from improper search paths and directory permissions in Windows services, which may allow local users to execute...

8.5CVSS7.7AI score0.00019EPSS

Exploits1References7

Japan Vulnerability Notes•added 2026/03/04 1:40 a.m.•1 views

Canon IJ Scan Utility registers Windows services with unquoted file paths

Overview IJ Scan Utility provided by Canon Inc. contains the following vulnerability. Unquoted search path or element CWE-428 - CVE-2026-1585 Canon Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact A user may execute arbitrary code with SYSTEM...

8.4CVSS7.5AI score0.00017EPSS

Exploits0References6

RedhatCVE•added 2026/02/10 7:33 a.m.•4 views

CVE-2026-24466

Products provided by Oki Electric Industry Co., Ltd. and its OEM products Ricoh Co., Ltd., Murata Machinery, Ltd. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege...

8.4CVSS6AI score0.0002EPSS

Exploits0References1

Cvelist•added 2026/02/09 6:59 a.m.•22 views

CVE-2026-24466

8.4CVSS0.0002EPSS

Exploits0References5

Vulnrichment•added 2026/02/09 6:59 a.m.•1 views

CVE-2026-24466

8.4CVSS6AI score0.0002EPSS

Exploits0References5

ATTACKERKB•added 2026/02/09 6:59 a.m.•3 views

CVE-2026-24466

8.4CVSS6AI score0.0002EPSS

Exploits0References6

Japan Vulnerability Notes•added 2026/02/09 6:21 a.m.•2 views

Oki Electric Industry products and OEM products register Windows services with unquoted file paths

Overview Configuration Tool provided by Oki Electric Industry Co., Ltd., Ricoh Co., Ltd., and Murata Machinery, Ltd. contain the following vulnerability. Unquoted search path or element CWE-428 - CVE-2026-24466 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IP...

8.4CVSS6AI score0.0002EPSS

Exploits0References7

Positive Technologies•added 2026/02/09 12:0 a.m.•2 views

PT-2026-7075

8.4CVSS6AI score0.0002EPSS

Exploits0References6

NVD•added 2026/02/05 12:15 a.m.•3 views

CVE-2019-25281

NCP Secure Entry Client 9.2 contains an unquoted service path vulnerability in multiple Windows services that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted paths in services like ncprwsnt, rwsrsu, ncpclcfg, and NcpSec to inject malicious code that...

8.5CVSS0.00007EPSS

Exploits0References3

ATTACKERKB•added 2026/02/04 11:15 p.m.•2 views

CVE-2019-25281

8.5CVSS5.8AI score0.00007EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/02/04 11:15 p.m.•25 views

CVE-2019-25281 NCP_Secure_Entry_Client 9.2 - Unquoted Service Paths

8.5CVSS0.00007EPSS

Exploits0References3

Positive Technologies•added 2026/02/04 12:0 a.m.•2 views

PT-2026-5810

Name of the Vulnerable Software and Affected Versions NCP Secure Entry Client version 9.2 Description NCP Secure Entry Client 9.2 contains a flaw due to unquoted service paths in multiple Windows services. This allows local users to potentially execute arbitrary code. Specifically, attackers can...

8.5CVSS5.8AI score0.00007EPSS

Exploits0References5

NVD•added 2026/01/16 7:16 p.m.•1 views

CVE-2021-47845

Spy Emergency 25.0.650 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted file paths in SpyEmergencyHealth.exe and SpyEmergencySrv.exe to inject malicious co...

8.5CVSS0.00008EPSS

Exploits0References3

ATTACKERKB•added 2026/01/16 7:9 p.m.•1 views

CVE-2021-47845

8.5CVSS5.6AI score0.00008EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/01/16 7:9 p.m.•2 views

CVE-2021-47845 Spy Emergency 25.0.650 - Unquoted Service Path

8.5CVSS6.8AI score0.00008EPSS

Exploits0References3

OSV•added 2026/01/16 12:16 a.m.•0 views

CVE-2020-36929

Brother BRPrint Auditor 3.0.7 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted file paths in BrAuSvc and BRPAAgent services to inject malicious executables an...

8.5CVSS6AI score

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by