Total
210 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-9247 | 1 Sierrawireless | 3 Sierra Wireless Em7345 Software, Sierra Wireless Em7455 Software, Sierra Wireless Location Sensor Driver | 2025-04-20 | N/A |
| Multiple unquoted service path vulnerabilities in Sierra Wireless Windows Mobile Broadband Driver Package (MBDP) with build ID < 4657 allows local users to launch processes with elevated privileges. | ||||
| CVE-2020-14521 | 1 Mitsubishielectric | 60 C Controller Interface Module Utility, C Controller Module Setting And Monitoring Tool, Cc-link Ie Control Network Data Collector and 57 more | 2025-04-16 | 8.3 High |
| Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition. | ||||
| CVE-2022-46662 | 1 Corel | 1 Roxio Creator Ljb | 2025-04-16 | 6.7 Medium |
| Roxio Creator LJB starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service. The affected product and versions are as follows: Roxio Creator LJB version number 12.2 build number 106B62B, version number 12.2 build number 106B63A, version number 12.2 build number 106B69A, version number 12.2 build number 106B71A, and version number 12.2 build number 106B74A) | ||||
| CVE-2016-15003 | 2 Filezilla-project, Microsoft | 2 Filezilla Client, Windows | 2025-04-15 | 6.3 Medium |
| A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2019-19705 | 1 Lenovo | 272 Aio300-23isu, Aio300-23isu Firmware, Aio310-20iap and 269 more | 2025-04-14 | 7.8 High |
| Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading. | ||||
| CVE-2016-6935 | 1 Adobe | 1 Creative Cloud | 2025-04-12 | N/A |
| Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. | ||||
| CVE-2015-4173 | 1 Sonicwall | 1 Netextender | 2025-04-12 | N/A |
| Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. | ||||
| CVE-2016-5793 | 1 Moxa | 1 Active Opc Server | 2025-04-12 | N/A |
| Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. | ||||
| CVE-2014-5455 | 2 Openvpn, Privatetunnel | 2 Openvpn, Privatetunnel | 2025-04-12 | N/A |
| Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder. | ||||
| CVE-2013-2176 | 1 Redhat | 2 Enterprise Virtualization, Rhev Manager | 2025-04-11 | N/A |
| Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application. | ||||
| CVE-2013-2152 | 1 Redhat | 2 Enterprise Virtualization, Rhev Manager | 2025-04-11 | N/A |
| Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder. | ||||
| CVE-2013-2231 | 2 Microsoft, Redhat | 6 Windows, Enterprise Linux, Enterprise Linux Desktop Supplementary and 3 more | 2025-04-11 | N/A |
| Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder. | ||||
| CVE-2013-2151 | 1 Redhat | 2 Enterprise Virtualization, Rhev Manager | 2025-04-11 | N/A |
| Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder. | ||||
| CVE-2022-4429 | 1 Avira | 1 Avira Security | 2025-04-08 | 5.3 Medium |
| Avira Security for Windows contains an unquoted service path which allows attackers with local administrative privileges to cause a Denial of Service. The issue was fixed with Avira Security version 1.1.78 | ||||
| CVE-2022-4258 | 2 Hima, Microsoft | 5 Hopcs, X-opc A\+e, X-opc Da and 2 more | 2025-04-03 | 7.8 High |
| In multiple versions of HIMA PC based Software an unquoted Windows search path vulnerability might allow local users to gain privileges via a malicious .exe file and gain full access to the system. | ||||
| CVE-2024-24722 | 1 12dsynergy | 4 12d Synergy File Replication Server, 12d Synergy Server, 12dsynergy and 1 more | 2025-04-02 | 9.1 Critical |
| An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed in 4.3.10.192, 5.1.5.221, and 5.1.6.235. | ||||
| CVE-2022-44264 | 1 Dentsplysirona | 1 Sidexis | 2025-03-31 | 7.8 High |
| Dentsply Sirona Sidexis <= 4.3 is vulnerable to Unquoted Service Path. | ||||
| CVE-2023-0887 | 1 Tftpd64 Project | 1 Tftpd64 | 2025-03-12 | 7 High |
| A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64_svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The associated identifier of this vulnerability is VDB-221351. | ||||
| CVE-2023-24575 | 1 Dell | 1 Multifunction Printer E525w Driver And Software Suite | 2025-03-12 | 7.8 High |
| Dell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system | ||||
| CVE-2021-26735 | 1 Zscaler | 1 Client Connector | 2025-02-27 | 6.7 Medium |
| The Zscaler Client Connector Installer and Unsintallers for Windows prior to 3.6 had an unquoted search path vulnerability. A local adversary may be able to execute code with SYSTEM privileges. | ||||