Total
408 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36975 | 2026-01-29 | N/A | 7.8 HIGH | ||
| EPSON Status Monitor 3 version 8.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can leverage the unquoted path in 'C:\Program Files\Common Files\EPSON\EPW!3SSRP\E_S60RPB.EXE' to inject malicious executables and escalate privileges. | |||||
| CVE-2020-36974 | 2026-01-29 | N/A | 7.8 HIGH | ||
| Realtek Andrea RT Filters 1.0.64.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in 'C:\Program Files\IDT\WDM\AESTSr64.exe' to inject malicious code that would execute during service startup or system reboot. | |||||
| CVE-2020-36983 | 2026-01-29 | N/A | 7.8 HIGH | ||
| Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured service binary path to inject malicious executables with elevated LocalSystem privileges during system boot or service restart. | |||||
| CVE-2020-36980 | 2026-01-29 | N/A | 7.8 HIGH | ||
| SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted executable path to inject malicious files in the service binary path, enabling privilege escalation to system-level permissions. | |||||
| CVE-2020-36981 | 2026-01-29 | N/A | 7.8 HIGH | ||
| Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in ForwardDaemon.exe to inject malicious code that will execute with elevated system privileges during service startup. | |||||
| CVE-2020-36982 | 2026-01-29 | N/A | 7.8 HIGH | ||
| Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the MotoHelperService.exe service that allows local users to potentially inject malicious code. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with elevated system privileges during service startup. | |||||
| CVE-2020-37020 | 2026-01-29 | N/A | 7.8 HIGH | ||
| SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges during service restart. | |||||
| CVE-2020-36986 | 2026-01-29 | N/A | 7.8 HIGH | ||
| Prey 1.9.6 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the CronService to insert malicious code that would execute during application startup or system reboot. | |||||
| CVE-2020-36987 | 2026-01-29 | N/A | 7.8 HIGH | ||
| Program Access Controller 1.2.0.0 contains an unquoted service path vulnerability in PACService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem permissions. | |||||
| CVE-2020-36984 | 2026-01-29 | N/A | 7.8 HIGH | ||
| EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\ to inject malicious executables that will run with LocalSystem permissions. | |||||
| CVE-2020-36992 | 2026-01-29 | N/A | 7.8 HIGH | ||
| Nord VPN 6.31.13.0 contains an unquoted service path vulnerability in its nordvpn-service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted binary path during system startup or reboot to potentially run malicious code with LocalSystem permissions. | |||||
| CVE-2020-37016 | 2026-01-29 | N/A | 7.8 HIGH | ||
| BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with elevated privileges during system startup. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will run with LocalSystem privileges. | |||||
| CVE-2020-37021 | 2026-01-29 | N/A | 7.8 HIGH | ||
| 10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup. | |||||
| CVE-2020-36990 | 2026-01-29 | N/A | 7.8 HIGH | ||
| Input Director 1.4.3 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem permissions. | |||||
| CVE-2020-36989 | 2026-01-29 | N/A | 7.8 HIGH | ||
| ForensiT AppX Management Service 2.2.0.4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem account permissions during service startup. | |||||
| CVE-2020-36985 | 2026-01-29 | N/A | 7.8 HIGH | ||
| IP Watcher 3.0.0.30 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with elevated LocalSystem privileges during service startup. | |||||
| CVE-2020-36991 | 2026-01-29 | N/A | 7.8 HIGH | ||
| ShareMouse 5.0.43 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the insecure service path configuration by placing malicious executables in specific system directories to gain elevated access during service startup. | |||||
| CVE-2023-53965 | 1 Sound4 | 30 Big Voice, Big Voice Firmware, First and 27 more | 2026-01-29 | N/A | 8.4 HIGH |
| SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during service startup. | |||||
| CVE-2022-50900 | 1 Wondershare | 1 Dr.fone | 2026-01-28 | N/A | 8.4 HIGH |
| Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem permissions during service startup. | |||||
| CVE-2022-50901 | 1 Wondershare | 1 Dr.fone | 2026-01-28 | N/A | 8.4 HIGH |
| Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone\ to inject malicious executables that would run with LocalSystem privileges. | |||||