Total
416 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-25267 | 1 Wftpserver | 1 Wing Ftp Server | 2026-02-18 | N/A | 7.8 HIGH |
| Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launched with LocalSystem permissions. | |||||
| CVE-2025-59888 | 1 Eaton | 1 Ups Companion | 2026-02-18 | N/A | 6.7 MEDIUM |
| Improper quotation in search paths in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the file system. This security issue has been fixed in the latest version of EUC which is available on the Eaton download center. | |||||
| CVE-2020-36927 | 1 Flexense | 1 Diskpulse | 2026-02-09 | N/A | 7.8 HIGH |
| DiskPulse Enterprise 13.6.14 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Pulse Enterprise\bin\diskpls.exe' to inject malicious executables and escalate privileges. | |||||
| CVE-2020-36928 | 1 Brother | 1 Bragent | 2026-02-09 | N/A | 7.8 HIGH |
| Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBA_Agent_Client service running with LocalSystem privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions. | |||||
| CVE-2020-36929 | 1 Brother | 1 Brprint Auditor | 2026-02-09 | N/A | 7.8 HIGH |
| Brother BRPrint Auditor 3.0.7 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted file paths in BrAuSvc and BRPA_Agent services to inject malicious executables and escalate privileges on the system. | |||||
| CVE-2020-36930 | 1 Flexense | 1 Sysgauge | 2026-02-09 | N/A | 7.8 HIGH |
| SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\SysGauge Server\bin\sysgaus.exe' to inject malicious executables and escalate privileges. | |||||
| CVE-2021-47787 | 1 Totalav | 1 Totalav | 2026-02-09 | N/A | 7.8 HIGH |
| TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration. | |||||
| CVE-2025-36384 | 1 Ibm | 1 Db2 | 2026-02-05 | N/A | 8.4 HIGH |
| IBM Db2 for Windows 12.1.0 - 12.1.3 could allow a local user with filesystem access to escalate their privileges due to the use of an unquoted search path element. | |||||
| CVE-2023-54331 | 1 Getoutline | 1 Outline | 2026-02-02 | N/A | 7.8 HIGH |
| Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the OutlineService executable to inject malicious code that will be executed with LocalSystem permissions. | |||||
| CVE-2022-50933 | 1 Malavida | 1 Cain \& Abel | 2026-02-02 | N/A | 7.8 HIGH |
| Cain & Abel 4.9.56 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions. | |||||
| CVE-2022-50928 | 1 Ivtcorporation | 1 Bluesoleilcs | 2026-02-02 | N/A | 7.8 HIGH |
| BlueSoleilCS 5.4.277 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in 'C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe' to inject malicious executables and escalate privileges. | |||||
| CVE-2022-50921 | 1 Wow21 | 1 Wow21 | 2026-02-02 | N/A | 7.8 HIGH |
| WOW21 5.0.1.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions during service startup. | |||||
| CVE-2021-47767 | 1 10-strike | 1 Network Inventory Explorer | 2026-01-30 | N/A | 7.8 HIGH |
| 10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalation and execute code with system-level permissions. | |||||
| CVE-2021-47790 | 1 Pysoft | 1 Active Webcam | 2026-01-30 | N/A | 7.8 HIGH |
| Active WebCam 11.5 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path by placing malicious executables in specific directory locations to gain administrative access. | |||||
| CVE-2021-47792 | 1 Remotemouse | 1 Remote Mouse | 2026-01-30 | N/A | 7.8 HIGH |
| Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the RemoteMouseService to inject malicious executables and gain administrative access. | |||||
| CVE-2021-47806 | 1 Flexense | 1 Dup Scout | 2026-01-30 | N/A | 7.8 HIGH |
| Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables and escalate privileges. | |||||
| CVE-2021-47807 | 1 Flexense | 1 Sync Breeze | 2026-01-30 | N/A | 7.8 HIGH |
| Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious executables and escalate privileges. | |||||
| CVE-2021-47809 | 1 Flexense | 1 Disk Sorter | 2026-01-30 | N/A | 7.8 HIGH |
| Disk Sorter Enterprise 13.6.12 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Sorter Enterprise\bin\disksrs.exe' to inject malicious executables and escalate privileges. | |||||
| CVE-2021-47810 | 1 Wibu | 1 Wibukey | 2026-01-30 | N/A | 7.8 HIGH |
| WibuKey Runtime 6.51 contains an unquoted service path vulnerability in the WkSvW32.exe service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\PROGRAM FILES (X86)\WIBUKEY\SERVER\WkSvW32.exe' to inject malicious executables and escalate privileges. | |||||
| CVE-2023-53965 | 1 Sound4 | 30 Big Voice, Big Voice Firmware, First and 27 more | 2026-01-29 | N/A | 8.4 HIGH |
| SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during service startup. | |||||