Total
403 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36980 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted executable path to inject malicious files in the service binary path, enabling privilege escalation to system-level permissions.
|
|||||
| CVE-2020-37021 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup.
|
|||||
| CVE-2020-36990 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
Input Director 1.4.3 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem permissions.
|
|||||
| CVE-2020-36985 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
IP Watcher 3.0.0.30 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with elevated LocalSystem privileges during service startup.
|
|||||
| CVE-2020-36987 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
Program Access Controller 1.2.0.0 contains an unquoted service path vulnerability in PACService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem permissions.
|
|||||
| CVE-2020-36984 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\ to inject malicious executables that will run with LocalSystem permissions.
|
|||||
| CVE-2020-36986 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
Prey 1.9.6 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the CronService to insert malicious code that would execute during application startup or system reboot.
|
|||||
| CVE-2020-37020 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges during service restart.
|
|||||
| CVE-2020-36989 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
ForensiT AppX Management Service 2.2.0.4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account permissions during service startup.
|
|||||
| CVE-2020-37016 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with elevated privileges during system startup. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will run with LocalSystem privileges.
|
|||||
| CVE-2020-36991 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
ShareMouse 5.0.43 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the insecure service path configuration by placing malicious executables in specific system directories to gain elevated access during service startup.
|
|||||
| CVE-2020-36992 | 2026-01-29 | N/A | 7.8 HIGH | ||
|
Nord VPN 6.31.13.0 contains an unquoted service path vulnerability in its nordvpn-service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted binary path during system startup or reboot to potentially run malicious code with LocalSystem permissions.
|
|||||
| CVE-2023-53965 | 1 Sound4 | 30 Big Voice, Big Voice Firmware, First and 27 more | 2026-01-29 | N/A | 8.4 HIGH |
|
SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during service startup.
|
|||||
| CVE-2022-50900 | 1 Wondershare | 1 Dr.fone | 2026-01-28 | N/A | 8.4 HIGH |
|
Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem permissions during service startup.
|
|||||
| CVE-2022-50901 | 1 Wondershare | 1 Dr.fone | 2026-01-28 | N/A | 8.4 HIGH |
|
Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone\ to inject malicious executables that would run with LocalSystem privileges.
|
|||||
| CVE-2022-50903 | 1 Wondershare | 1 Mobiletrans | 2026-01-28 | N/A | 8.4 HIGH |
|
Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path by placing malicious executables in specific filesystem locations that will be executed with LocalSystem permissions during service startup.
|
|||||
| CVE-2020-36958 | 2026-01-27 | N/A | 7.8 HIGH | ||
|
Kite 1.2020.1119.0 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Kite\KiteService.exe' to inject malicious executables and escalate privileges on the system.
|
|||||
| CVE-2020-36953 | 2026-01-27 | N/A | 7.8 HIGH | ||
|
MiniTool ShadowMaker 3.2 contains an unquoted service path vulnerability in the MTAgentService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\MiniTool ShadowMaker\AgentService.exe' to inject malicious executables and escalate privileges.
|
|||||
| CVE-2020-36952 | 2026-01-27 | N/A | 7.8 HIGH | ||
|
IObit Uninstaller 10 Pro contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path in the IObit Uninstaller Service to insert malicious code that would execute with SYSTEM-level permissions during service startup.
|
|||||
| CVE-2020-36957 | 2026-01-27 | N/A | 7.8 HIGH | ||
|
PDF Complete 3.5.310.2002 contains an unquoted service path vulnerability in its pdfsvc.exe service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges.
|
|||||
| CVE-2020-36959 | 2026-01-27 | N/A | 7.8 HIGH | ||
|
IDT PC Audio 1.0.6499.0 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the STacSV service to inject malicious code that would execute with LocalSystem account permissions during service startup.
|
|||||
| CVE-2021-47833 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
WifiHotSpot 1.0.0.0 contains an unquoted service path vulnerability in its WifiHotSpotService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem permissions.
|
|||||
| CVE-2021-47823 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
Acer ePowerSvc 6.0.3008.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem permissions during service startup.
|
|||||
| CVE-2021-47826 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
Acer Backup Manager 3.0.0.99 contains an unquoted service path vulnerability in the NTI IScheduleSvc service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\NTI\Acer Backup Manager\ to inject malicious executables that would run with elevated LocalSystem privileges.
|
|||||
| CVE-2021-47847 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
Disk Sorter Server 13.6.12 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Sorter Server\bin\disksrs.exe' to inject malicious executables and escalate privileges.
|
|||||
| CVE-2021-47825 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
Acer Updater Service 1.2.3500.0 contains an unquoted service path vulnerability that allows local users to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files\Acer\Acer Updater\ to inject malicious executables that will run with LocalSystem permissions during service startup.
|
|||||
| CVE-2021-47829 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
DHCP Broadband 4.1.0.1503 contains an unquoted service path vulnerability in its service configuration that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path in 'C:\Program Files\DHCP Broadband 4\dhcpt.exe' to inject malicious code that will execute during service startup with LocalSystem permissions.
|
|||||
| CVE-2021-47845 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
Spy Emergency 25.0.650 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted file paths in SpyEmergencyHealth.exe and SpyEmergencySrv.exe to inject malicious code during system startup or service restart.
|
|||||
| CVE-2021-47828 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
BOOTP Turbo 2.0.0.1253 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to execute arbitrary code with elevated LocalSystem privileges during system startup or reboot.
|
|||||
| CVE-2021-47822 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
DiskBoss Service 12.2.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path locations to gain system-level access during service startup.
|
|||||
| CVE-2021-47880 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
Realtek Wireless LAN Utility 700.1631 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path by inserting malicious code in the system root path that would execute during application startup or system reboot.
|
|||||
| CVE-2021-47868 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in the WPCommandFileService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files <x86>\WINPAKPRO\WPCommandFileService Service.exe to inject malicious code that would execute with LocalSystem permissions.
|
|||||
| CVE-2021-47861 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
Event Log Explorer 4.9.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations that will be executed with LocalSystem account privileges during service startup.
|
|||||
| CVE-2021-47862 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
Hi-Rez Studios 5.1.6.3 contains an unquoted service path vulnerability in the HiPatchService that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem permissions.
|
|||||
| CVE-2021-47887 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
OKI Print Job Accounting 4.4.10 contains an unquoted service path vulnerability in the OkiJaSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Okidata\Print Job Accounting\' to inject malicious executables and escalate privileges.
|
|||||
| CVE-2021-47863 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
MacPaw Encrypto 1.0.1 contains an unquoted service path vulnerability in its Encrypto Service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Encrypto\ to inject malicious executables and escalate privileges on Windows systems.
|
|||||
| CVE-2021-47886 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
Pingzapper 2.3.1 contains an unquoted service path vulnerability in the PingzapperSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Pingzapper\PZService.exe' to inject malicious executables and escalate privileges.
|
|||||
| CVE-2021-47878 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
eBeam Education Suite 2.5.0.9 contains an unquoted service path vulnerability in the eBeam Device Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem privileges during service startup.
|
|||||
| CVE-2021-47884 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
OKI Configuration Tool 1.6.53 contains an unquoted service path vulnerability in the OKI Local Port Manager service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Okidata\Common\extend3\portmgrsrv.exe' to inject malicious executables and escalate privileges.
|
|||||
| CVE-2021-47869 | 2026-01-26 | N/A | 7.8 HIGH | ||
|
Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRA_Scheduler service that allows local users to potentially execute arbitrary code. Attackers can place a malicious executable named 'BRAdmin' in the C:\Program Files (x86)\Brother\ directory to gain local system privileges.
|
|||||