Total
328 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-47787 | 1 Totalav | 1 Totalav | 2026-01-16 | 7.8 High |
| TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration. | ||||
| CVE-2020-36930 | 1 Flexense | 1 Sysgauge | 2026-01-16 | 7.8 High |
| SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\SysGauge Server\bin\sysgaus.exe' to inject malicious executables and escalate privileges. | ||||
| CVE-2024-58315 | 2 Microsoft, Tosi | 2 Windows, Tosibox Key | 2026-01-16 | 7.8 High |
| Tosibox Key Service 3.3.0 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the service startup process by inserting malicious code in the system root path, enabling unauthorized code execution during application startup or system reboot. | ||||
| CVE-2020-36929 | 1 Brother | 1 Brprint Auditor | 2026-01-16 | 7.8 High |
| Brother BRPrint Auditor 3.0.7 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted file paths in BrAuSvc and BRPA_Agent services to inject malicious executables and escalate privileges on the system. | ||||
| CVE-2020-36928 | 1 Brother | 1 Bragent | 2026-01-16 | 7.8 High |
| Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBA_Agent_Client service running with LocalSystem privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions. | ||||
| CVE-2020-36927 | 1 Flexense | 1 Diskpulse | 2026-01-16 | 7.8 High |
| DiskPulse Enterprise 13.6.14 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Pulse Enterprise\bin\diskpls.exe' to inject malicious executables and escalate privileges. | ||||
| CVE-2021-47762 | 1 Httpdebugger | 1 Httpdebuggerpro | 2026-01-16 | 7.8 High |
| HTTPDebuggerPro 9.11 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables and gain elevated access to the system. | ||||
| CVE-2021-47767 | 1 10-strike | 1 Network Inventory Explorer | 2026-01-16 | 7.8 High |
| 10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalation and execute code with system-level permissions. | ||||
| CVE-2021-47804 | 1 Wisecleaner | 1 Wise Care 365 | 2026-01-16 | 7.8 High |
| Wise Care 365 5.6.7.568 contains an unquoted service path vulnerability in the WiseBootAssistant service running with LocalSystem privileges. Attackers can exploit this by inserting a malicious executable in the service path, which will execute with elevated system privileges when the service restarts. | ||||
| CVE-2021-47803 | 1 I-funbox | 1 Ifunbox | 2026-01-16 | 7.8 High |
| iFunbox 4.2 contains an unquoted service path vulnerability in the Apple Mobile Device Service that allows local attackers to execute code with elevated privileges. Attackers can insert a malicious executable into the unquoted service path to run with LocalSystem privileges when the service restarts. | ||||
| CVE-2022-50933 | 1 Malavida | 1 Cain And Abel | 2026-01-14 | 8.4 High |
| Cain & Abel 4.9.56 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions. | ||||
| CVE-2022-50928 | 1 Ivt Corp | 1 Bluesoleilcs | 2026-01-14 | 8.4 High |
| BlueSoleilCS 5.4.277 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in 'C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe' to inject malicious executables and escalate privileges. | ||||
| CVE-2022-50921 | 1 Ilwebmaster21 | 1 Wow21 | 2026-01-14 | 8.4 High |
| WOW21 5.0.1.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions during service startup. | ||||
| CVE-2022-50693 | 1 Splashtop | 1 Splashtop | 2026-01-14 | 8.4 High |
| Splashtop 8.71.12001.0 contains an unquoted service path vulnerability in the Splashtop Software Updater Service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Splashtop\Splashtop Software Updater\ to inject malicious executables and escalate privileges. | ||||
| CVE-2022-50900 | 1 Wondershare | 1 Dr.fone | 2026-01-14 | 8.4 High |
| Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem permissions during service startup. | ||||
| CVE-2022-50901 | 1 Wondershare | 1 Dr.fone | 2026-01-14 | 8.4 High |
| Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone\ to inject malicious executables that would run with LocalSystem privileges. | ||||
| CVE-2022-50903 | 1 Wondershare | 1 Mobiletrans | 2026-01-14 | 8.4 High |
| Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path by placing malicious executables in specific filesystem locations that will be executed with LocalSystem permissions during service startup. | ||||
| CVE-2022-50904 | 1 Wondershare | 1 Ubackit | 2026-01-14 | 8.4 High |
| Wondershare UBackit 2.0.5 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the wsbackup service to inject malicious executables that would run with LocalSystem permissions during service startup. | ||||
| CVE-2022-50923 | 1 Cobiansoft | 1 Cobian Backup | 2026-01-14 | 8.4 High |
| Cobian Backup 0.9 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CobianReflectorService to inject malicious code that will execute with LocalSystem permissions during service startup. | ||||
| CVE-2022-50924 | 1 Privateinternetaccess | 1 Private Internet Access | 2026-01-14 | 8.4 High |
| Private Internet Access 3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem permissions during service startup. | ||||