Total
207 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-3757 | 1 Emc | 1 Elan Touchpad Driver | 2024-11-21 | N/A |
| An unquoted service path vulnerability was identified in the driver for the ElanTech Touchpad, various versions, used on some Lenovo brand notebooks (not ThinkPads). This could allow an attacker with local privileges to execute code with administrative privileges. | ||||
| CVE-2017-3751 | 1 Lenovo | 1 Thinkpad Compact Usb Keyboard Driver | 2024-11-21 | N/A |
| An unquoted service path vulnerability was identified in the driver for the ThinkPad Compact USB Keyboard with TrackPoint versions earlier than 1.5.5.0. This could allow an attacker with local privileges to execute code with administrative privileges. | ||||
| CVE-2017-3141 | 1 Isc | 1 Bind | 2024-11-21 | N/A |
| The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1. | ||||
| CVE-2017-3005 | 2 Adobe, Microsoft | 2 Photoshop Cc, Windows | 2024-11-21 | N/A |
| Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have an unquoted search path vulnerability. | ||||
| CVE-2017-15383 | 1 Nero | 1 Nero | 2024-11-21 | N/A |
| Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\Nero directory. | ||||
| CVE-2017-14030 | 1 Moxa | 1 Mxview | 2024-11-21 | N/A |
| An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path. | ||||
| CVE-2017-14019 | 1 Progea | 1 Movicon | 2024-11-21 | N/A |
| An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges. | ||||
| CVE-2017-13993 | 1 I-sens | 1 Smartlog Diabetes Management Software | 2024-11-21 | N/A |
| An Uncontrolled Search Path or Element issue was discovered in i-SENS SmartLog Diabetes Management Software, Version 2.4.0 and prior versions. An uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid DLL, an attacker could execute arbitrary code on the system. This vulnerability does not affect the connected blood glucose monitor and would not impact delivery of therapy to the patient. | ||||
| CVE-2017-12730 | 1 Myscada | 1 Mypro | 2024-11-21 | N/A |
| An Unquoted Search Path issue was discovered in mySCADA myPRO Versions 7.0.26 and prior. Application services utilize unquoted search path elements, which could allow an attacker to execute arbitrary code with elevated privileges. | ||||
| CVE-2017-11672 | 1 Opcfoundation | 1 Local Discovery Server | 2024-11-21 | N/A |
| The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges. | ||||
| CVE-2017-1000475 | 1 Freesshd | 1 Freesshd | 2024-11-21 | N/A |
| FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allowing local users to launch processes with elevated privileges. | ||||
| CVE-2016-8225 | 1 Lenovo | 2 Edge Keyboard Driver, Slim Usb Keyboard Driver | 2024-11-21 | N/A |
| Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges. | ||||
| CVE-2016-6935 | 1 Adobe | 1 Creative Cloud | 2024-11-21 | N/A |
| Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. | ||||
| CVE-2016-5793 | 1 Moxa | 1 Active Opc Server | 2024-11-21 | N/A |
| Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. | ||||
| CVE-2016-15003 | 2 Filezilla-project, Microsoft | 2 Filezilla Client, Windows | 2024-11-21 | 6.3 Medium |
| A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2015-4173 | 1 Sonicwall | 1 Netextender | 2024-11-21 | N/A |
| Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. | ||||
| CVE-2014-5455 | 2 Openvpn, Privatetunnel | 2 Openvpn, Privatetunnel | 2024-11-21 | N/A |
| Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder. | ||||
| CVE-2013-2231 | 2 Microsoft, Redhat | 6 Windows, Enterprise Linux, Enterprise Linux Desktop Supplementary and 3 more | 2024-11-21 | N/A |
| Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder. | ||||
| CVE-2013-2176 | 1 Redhat | 2 Enterprise Virtualization, Rhev Manager | 2024-11-21 | N/A |
| Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application. | ||||
| CVE-2013-2152 | 1 Redhat | 2 Enterprise Virtualization, Rhev Manager | 2024-11-21 | N/A |
| Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder. | ||||