Total
182 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-35469 | 1 Lexmark | 3 Printer Software G2, Printer Software G3, Printer Software G4 | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
| The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path. | |||||
| CVE-2021-0112 | 1 Intel | 1 Unite | 2024-02-28 | 4.4 MEDIUM | 7.3 HIGH |
| Unquoted service path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access. | |||||
| CVE-2021-35056 | 1 Unisys | 1 Stealth | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
| Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task. An unintended executable might run. | |||||
| CVE-2021-31553 | 1 Mediawiki | 1 Mediawiki | 2024-02-28 | 6.4 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the cu_log database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could turn off Special:CheckUserLog and thus interfere with usage tracking. | |||||
| CVE-2021-27608 | 1 Sap | 1 Setup | 2024-02-28 | 4.4 MEDIUM | 7.5 HIGH |
| An unquoted service path in SAPSetup, version - 9.0, could lead to privilege escalation during the installation process that is performed when an executable file is registered. This could further lead to complete compromise of confidentiality, Integrity and Availability. | |||||
| CVE-2021-31776 | 2 Aviatrix, Microsoft | 2 Vpn Client, Windows | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
| Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators. | |||||
| CVE-2020-22809 | 1 Windscribe | 1 Windscribe | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Service Path that facilitates privilege escalation. | |||||
| CVE-2020-11632 | 1 Zscaler | 1 Client Connector | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
| The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to execute code with system privileges. | |||||
| CVE-2020-35152 | 1 Cloudflare | 1 Warp | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1. | |||||
| CVE-2021-23879 | 1 Mcafee | 1 Endpoint Product Removal Tool | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
| Unquoted service path vulnerability in McAfee Endpoint Product Removal (EPR) Tool prior to 21.2 allows local administrators to execute arbitrary code, with higher-level privileges, via execution from a compromised folder. The tool did not enforce and protect the execution path. Local admin privileges are required to place the files in the required location. | |||||
| CVE-2020-27644 | 1 1e | 1 Client | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance.Metrics.exe. This may allow remote authenticated users and local users to gain elevated privileges by placing a malicious cryptbase.dll file in %WINDIR%\Temp\. | |||||
| CVE-2020-15261 | 2 Microsoft, Veyon | 2 Windows, Veyon | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
| On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. Since Veyon users (both students and teachers) usually don't have administrative privileges, this vulnerability is only dangerous in anyway unsafe setups. The problem has been fixed in version 4.4.2. As a workaround, the exploitation of the vulnerability can be prevented by revoking administrative privileges from all potentially untrustworthy users. | |||||
| CVE-2020-27645 | 1 1e | 1 Client | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance.Metrics.exe. This may allow remote authenticated users and local users to gain elevated privileges. | |||||
| CVE-2021-21292 | 2 Microsoft, Traccar | 2 Windows, Traccar | 2024-02-28 | 1.9 LOW | 6.3 MEDIUM |
| Traccar is an open source GPS tracking system. In Traccar before version 4.12 there is an unquoted Windows binary path vulnerability. Only Windows versions are impacted. Attacker needs write access to the filesystem on the host machine. If Java path includes a space, then attacker can lift their privilege to the same as Traccar service (system). This is fixed in version 4.12. | |||||
| CVE-2020-7316 | 1 Mcafee | 1 File And Removable Media Protection | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| Unquoted service path vulnerability in McAfee File and Removable Media Protection (FRP) prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a compromised folder. This issue may result in files not being encrypted when a policy is triggered. | |||||
| CVE-2020-28209 | 2 Microsoft, Schneider-electric | 2 Windows, Enterprise Server Installer | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
| A CWE-428 Windows Unquoted Search Path vulnerability exists in EcoStruxure Building Operation Enterprise Server installer V1.9 - V3.1 and Enterprise Central installer V2.0 - V3.1 that could cause any local Windows user who has write permission on at least one of the subfolders of the Connect Agent service binary path, being able to gain the privilege of the user who started the service. By default, the Enterprise Server and Enterprise Central is always installed at a location requiring Administrator privileges so the vulnerability is only valid if the application has been installed on a non-secure location. | |||||
| CVE-2020-7331 | 1 Mcafee | 1 Endpoint Security | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files. | |||||
| CVE-2020-5147 | 1 Sonicwall | 1 Netextender | 2024-02-28 | 4.6 MEDIUM | 5.3 MEDIUM |
| SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 10.2.300 and earlier. | |||||
| CVE-2020-1988 | 1 Paloaltonetworks | 1 Globalprotect | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
| An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or to Program Files directory to gain system privileges. This issue affects Palo Alto Networks GlobalProtect Agent 5.0 versions before 5.0.5; 4.1 versions before 4.1.13 on Windows; | |||||
| CVE-2020-7382 | 1 Rapid7 | 1 Nexpose | 2024-02-28 | 4.4 MEDIUM | 6.5 MEDIUM |
| Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. This issue affects: Rapid7 Nexpose versions prior to 6.6.40. | |||||