Total
408 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-37055 | 2026-02-03 | N/A | 7.8 HIGH | ||
| SpyHunter 4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific file system locations to gain elevated access during service startup. | |||||
| CVE-2020-37037 | 2026-02-03 | N/A | 7.8 HIGH | ||
| Avast SecureLine 5.5.522.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account permissions during service startup. | |||||
| CVE-2020-37099 | 2026-02-03 | N/A | 7.8 HIGH | ||
| Disk Savvy Enterprise 12.3.18 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Savvy Enterprise\bin\disksvs.exe' to inject malicious executables and escalate privileges. | |||||
| CVE-2020-37098 | 2026-02-03 | N/A | 7.8 HIGH | ||
| Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with LocalSystem permissions. | |||||
| CVE-2020-37101 | 2026-02-03 | N/A | 7.8 HIGH | ||
| VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\VPN Unlimited\' to replace the service executable and gain elevated system privileges. | |||||
| CVE-2020-37102 | 2026-02-03 | N/A | 7.8 HIGH | ||
| Adaware Web Companion 4.9.2159 contains an unquoted service path vulnerability in the WCAssistantService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges during service startup. | |||||
| CVE-2023-54331 | 1 Getoutline | 1 Outline | 2026-02-02 | N/A | 7.8 HIGH |
| Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the OutlineService executable to inject malicious code that will be executed with LocalSystem permissions. | |||||
| CVE-2022-50933 | 1 Malavida | 1 Cain \& Abel | 2026-02-02 | N/A | 7.8 HIGH |
| Cain & Abel 4.9.56 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions. | |||||
| CVE-2022-50928 | 1 Ivtcorporation | 1 Bluesoleilcs | 2026-02-02 | N/A | 7.8 HIGH |
| BlueSoleilCS 5.4.277 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in 'C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe' to inject malicious executables and escalate privileges. | |||||
| CVE-2022-50921 | 1 Wow21 | 1 Wow21 | 2026-02-02 | N/A | 7.8 HIGH |
| WOW21 5.0.1.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions during service startup. | |||||
| CVE-2021-47767 | 1 10-strike | 1 Network Inventory Explorer | 2026-01-30 | N/A | 7.8 HIGH |
| 10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalation and execute code with system-level permissions. | |||||
| CVE-2021-47790 | 1 Pysoft | 1 Active Webcam | 2026-01-30 | N/A | 7.8 HIGH |
| Active WebCam 11.5 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path by placing malicious executables in specific directory locations to gain administrative access. | |||||
| CVE-2021-47792 | 1 Remotemouse | 1 Remote Mouse | 2026-01-30 | N/A | 7.8 HIGH |
| Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the RemoteMouseService to inject malicious executables and gain administrative access. | |||||
| CVE-2021-47806 | 1 Flexense | 1 Dup Scout | 2026-01-30 | N/A | 7.8 HIGH |
| Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables and escalate privileges. | |||||
| CVE-2021-47807 | 1 Flexense | 1 Sync Breeze | 2026-01-30 | N/A | 7.8 HIGH |
| Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious executables and escalate privileges. | |||||
| CVE-2021-47809 | 1 Flexense | 1 Disk Sorter | 2026-01-30 | N/A | 7.8 HIGH |
| Disk Sorter Enterprise 13.6.12 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Sorter Enterprise\bin\disksrs.exe' to inject malicious executables and escalate privileges. | |||||
| CVE-2021-47810 | 1 Wibu | 1 Wibukey | 2026-01-30 | N/A | 7.8 HIGH |
| WibuKey Runtime 6.51 contains an unquoted service path vulnerability in the WkSvW32.exe service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\PROGRAM FILES (X86)\WIBUKEY\SERVER\WkSvW32.exe' to inject malicious executables and escalate privileges. | |||||
| CVE-2020-36979 | 2026-01-29 | N/A | 7.8 HIGH | ||
| Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executables in the service path to gain elevated system privileges during service startup. | |||||
| CVE-2020-36977 | 2026-01-29 | N/A | 7.8 HIGH | ||
| Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious executable, enabling privilege escalation to LocalSystem account. | |||||
| CVE-2020-36976 | 2026-01-29 | N/A | 7.8 HIGH | ||
| Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its service configuration that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Acer\Registration\ to inject malicious executables that would run with elevated LocalSystem privileges during service startup. | |||||