Total
403 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-25276 | 2026-02-05 | N/A | 7.8 HIGH | ||
|
Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\ to inject malicious code that would execute with LocalSystem permissions.
|
|||||
| CVE-2019-25269 | 2026-02-05 | N/A | 7.8 HIGH | ||
|
Amiti Antivirus 25.0.640 contains an unquoted service path vulnerability in its Windows service configurations. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges by placing executable files in specific directory locations.
|
|||||
| CVE-2019-25281 | 2026-02-05 | N/A | 7.8 HIGH | ||
|
NCP Secure Entry Client 9.2 contains an unquoted service path vulnerability in multiple Windows services that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted paths in services like ncprwsnt, rwsrsu, ncpclcfg, and NcpSec to inject malicious code that would execute with LocalSystem privileges during service startup.
|
|||||
| CVE-2019-25275 | 2026-02-05 | N/A | 7.8 HIGH | ||
|
BartVPN 1.2.2 contains an unquoted service path vulnerability in the BartVPNService that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path by placing malicious executables in specific file system locations to hijack the service's execution context.
|
|||||
| CVE-2020-37060 | 2026-02-04 | N/A | 7.8 HIGH | ||
|
Atomic Alarm Clock 6.3 contains a local privilege escalation vulnerability in its service configuration that allows attackers to execute arbitrary code with SYSTEM privileges. Attackers can exploit the unquoted service path by placing a malicious executable named 'Program.exe' to gain persistent system-level access.
|
|||||
| CVE-2020-37059 | 2026-02-04 | N/A | 7.8 HIGH | ||
|
Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can insert malicious executables in Program Files (x86) or system root directories to be executed with SYSTEM-level permissions during service startup.
|
|||||
| CVE-2020-37030 | 2026-02-04 | N/A | 7.8 HIGH | ||
|
Outline Service 1.3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in C:\Program Files (x86)\Outline to inject malicious code that would execute with LocalSystem permissions during service startup.
|
|||||
| CVE-2020-37058 | 2026-02-04 | N/A | 7.8 HIGH | ||
|
Andrea ST Filters Service 1.0.64.7 contains an unquoted service path vulnerability in its Windows service configuration. Local attackers can exploit the unquoted path to inject malicious code that will execute with elevated LocalSystem privileges during service startup.
|
|||||
| CVE-2020-37047 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
Deep Instinct Windows Agent 1.2.29.0 contains an unquoted service path vulnerability in the DeepMgmtService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\HP Sure Sense\DeepMgmtService.exe to inject malicious code that would execute with LocalSystem permissions during service startup.
|
|||||
| CVE-2020-37064 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMP_NSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\ to inject malicious code that would execute with LocalSystem privileges.
|
|||||
| CVE-2020-37061 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
BOOTP Turbo 2.0.1214 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted executable path to inject malicious code that will be executed when the service starts with LocalSystem permissions.
|
|||||
| CVE-2020-37037 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
Avast SecureLine 5.5.522.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account permissions during service startup.
|
|||||
| CVE-2020-37055 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
SpyHunter 4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations to gain elevated access during service startup.
|
|||||
| CVE-2020-37045 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
Veritas NetBackup 7.0 contains an unquoted service path vulnerability in the NetBackup INET Daemon service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe to inject malicious code that would execute with elevated LocalSystem privileges.
|
|||||
| CVE-2020-37062 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
DHCP Turbo 4.61298 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can place malicious executables in the service path to gain elevated privileges when the service starts.
|
|||||
| CVE-2020-37048 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
Iskysoft Application Framework Service 2.4.3.241 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that would be run with the service's high-level system permissions.
|
|||||
| CVE-2020-37063 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
TFTP Turbo 4.6.1273 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with LocalSystem permissions.
|
|||||
| CVE-2020-37098 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with LocalSystem permissions.
|
|||||
| CVE-2020-37102 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
Adaware Web Companion 4.9.2159 contains an unquoted service path vulnerability in the WCAssistantService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges during service startup.
|
|||||
| CVE-2020-37099 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe' to inject malicious executables and escalate privileges.
|
|||||
| CVE-2020-37101 | 2026-02-03 | N/A | 7.8 HIGH | ||
|
VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\VPN Unlimited\' to replace the service executable and gain elevated system privileges.
|
|||||
| CVE-2023-54331 | 1 Getoutline | 1 Outline | 2026-02-02 | N/A | 7.8 HIGH |
|
Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the OutlineService executable to inject malicious code that will be executed with LocalSystem permissions.
|
|||||
| CVE-2022-50933 | 1 Malavida | 1 Cain \& Abel | 2026-02-02 | N/A | 7.8 HIGH |
|
Cain & Abel 4.9.56 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions.
|
|||||
| CVE-2022-50928 | 1 Ivtcorporation | 1 Bluesoleilcs | 2026-02-02 | N/A | 7.8 HIGH |
|
BlueSoleilCS 5.4.277 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in 'C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe' to inject malicious executables and escalate privileges.
|
|||||
| CVE-2022-50921 | 1 Wow21 | 1 Wow21 | 2026-02-02 | N/A | 7.8 HIGH |
|
WOW21 5.0.1.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions during service startup.
|
|||||
| CVE-2021-47767 | 1 10-strike | 1 Network Inventory Explorer | 2026-01-30 | N/A | 7.8 HIGH |
|
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalation and execute code with system-level permissions.
|
|||||
| CVE-2021-47790 | 1 Pysoft | 1 Active Webcam | 2026-01-30 | N/A | 7.8 HIGH |
|
Active WebCam 11.5 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path by placing malicious executables in specific directory locations to gain administrative access.
|
|||||
| CVE-2021-47792 | 1 Remotemouse | 1 Remote Mouse | 2026-01-30 | N/A | 7.8 HIGH |
|
Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the RemoteMouseService to inject malicious executables and gain administrative access.
|
|||||
| CVE-2021-47806 | 1 Flexense | 1 Dup Scout | 2026-01-30 | N/A | 7.8 HIGH |
|
Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables and escalate privileges.
|
|||||
| CVE-2021-47807 | 1 Flexense | 1 Sync Breeze | 2026-01-30 | N/A | 7.8 HIGH |
|
Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious executables and escalate privileges.
|
|||||
| CVE-2021-47809 | 1 Flexense | 1 Disk Sorter | 2026-01-30 | N/A | 7.8 HIGH |
|
Disk Sorter Enterprise 13.6.12 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Sorter Enterprise\bin\disksrs.exe' to inject malicious executables and escalate privileges.
|
|||||
| CVE-2021-47810 | 1 Wibu | 1 Wibukey | 2026-01-30 | N/A | 7.8 HIGH |
|
WibuKey Runtime 6.51 contains an unquoted service path vulnerability in the WkSvW32.exe service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\PROGRAM FILES (X86)\WIBUKEY\SERVER\WkSvW32.exe' to inject malicious executables and escalate privileges.
|
|||||
| CVE-2020-36979 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executables in the service path to gain elevated system privileges during service startup.
|
|||||
| CVE-2020-36977 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious executable, enabling privilege escalation to LocalSystem account.
|
|||||
| CVE-2020-36976 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its service configuration that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Acer\Registration\ to inject malicious executables that would run with elevated LocalSystem privileges during service startup.
|
|||||
| CVE-2020-36975 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
EPSON Status Monitor 3 version 8.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can leverage the unquoted path in 'C:\Program Files\Common Files\EPSON\EPW!3SSRP\E_S60RPB.EXE' to inject malicious executables and escalate privileges.
|
|||||
| CVE-2020-36974 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
Realtek Andrea RT Filters 1.0.64.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in 'C:\Program Files\IDT\WDM\AESTSr64.exe' to inject malicious code that would execute during service startup or system reboot.
|
|||||
| CVE-2020-36982 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the MotoHelperService.exe service that allows local users to potentially inject malicious code. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with elevated system privileges during service startup.
|
|||||
| CVE-2020-36981 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in ForwardDaemon.exe to inject malicious code that will execute with elevated system privileges during service startup.
|
|||||
| CVE-2020-36983 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured service binary path to inject malicious executables with elevated LocalSystem privileges during system boot or service restart.
|
|||||