CWE-428: CWE-428

This vulnerability allows a local user with filesystem access to escalate privileges on IBM Db2 for Windows systems due to an unquoted search path ele...

CVE-2023-54336 is an unquoted service path vulnerability in Mediconta 3.7.27 that allows local attackers to execute arbitrary code with LocalSystem pr...

CVE-2023-54338 is an unquoted service path vulnerability in Tftpd32 SE 4.60 that allows local attackers to execute arbitrary code with SYSTEM privileg...

CVE-2022-50938 is an unquoted service path vulnerability in CONTPAQi AdminPAQ 14.0.0 that allows attackers to inject malicious code into the service b...

CVE-2023-53984 is an unquoted service path vulnerability in Clevo HotKey Clipboard 2.1.0.6 that allows local non-privileged users to escalate privileg...

CVE-2022-50929 is an unquoted service path vulnerability in Connectify Hotspot 2018 that allows local attackers to execute arbitrary code with elevate...

CVE-2022-50930 is an unquoted service path vulnerability in Emerson PAC Machine Edition 9.80's TrapiServer service that allows local attackers to exec...

CVE-2022-50924 is an unquoted service path vulnerability in Private Internet Access VPN client version 3.3 that allows local attackers to execute arbi...

CVE-2022-50918 is an unquoted service path vulnerability in VIVE Runtime Service that allows local attackers to execute arbitrary code with SYSTEM pri...

CVE-2022-50920 is an unquoted service path vulnerability in Sandboxie-Plus's SbieSvc Windows service. This allows local attackers to place malicious e...

CVE-2022-50913 is an unquoted service path vulnerability in ITeC ITeCProteccioAppServer that allows local attackers to execute arbitrary code with SYS...

CVE-2022-50914 is an unquoted service path vulnerability in EaseUS Data Recovery 15.1.0.0 that allows attackers to place malicious executables in the ...

CVE-2023-53965 is an unquoted service path vulnerability in SOUND4 Server Service 4.1.102 that allows local non-privileged users to escalate privilege...

CVE-2022-50688 is an unquoted service path vulnerability in Cobian Backup Gravity that allows local attackers to execute arbitrary code with SYSTEM pr...

CVE-2025-10714 is an unquoted search path vulnerability in AXIS Optimizer software that allows local attackers with administrative privileges to escal...

This vulnerability in Mitsubishi Electric Factory Automation engineering software allows malicious code execution, enabling attackers to steal data, m...

This CVE describes a local privilege escalation vulnerability in Acronis Windows products due to an unquoted search path issue. Attackers with local a...

CVE-2019-25345 is an unquoted service path vulnerability in Realtek IIS Codec Service that allows local attackers to execute arbitrary code with eleva...

CVE-2019-25306 is an unquoted service path vulnerability in BlackMoon FTP Server that allows local attackers to execute arbitrary code with LocalSyste...

CVE-2019-25308 is an unquoted service path vulnerability in Mikogo's Windows service that allows attackers with local access to execute arbitrary code...

ActiveFax Server 6.92 Build 0316 has an unquoted service path vulnerability in its ActiveFaxServiceNT service. This allows local attackers with write ...

Epson USB Display 1.6.0.0 contains an unquoted service path vulnerability in the EMP_UDSA service, which runs with LocalSystem privileges. Attackers c...

CVE-2021-47896 is an unquoted service path vulnerability in PDF Complete Corporate Edition's pdfcDispatcher service. Local attackers can exploit this ...

Softros LAN Messenger 9.6.4 contains an unquoted service path vulnerability in the SoftrosSpellChecker service that allows local attackers to execute ...

LogonExpert 8.1 contains an unquoted service path vulnerability in the LogonExpertSvc service. Attackers can place malicious executables in intermedia...

CVE-2021-47887 is an unquoted service path vulnerability in OKI Print Job Accounting 4.4.10 that allows local attackers to execute arbitrary code with...

FreeLAN 2.2 on Windows contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with LocalSystem privileg...

CVE-2021-47883 is an unquoted service path vulnerability in Sandboxie Plus's SbieSvc service that allows local attackers to execute arbitrary code wit...

CVE-2021-47884 is an unquoted service path vulnerability in OKI Configuration Tool 1.6.53 that allows local attackers to execute arbitrary code with e...

CVE-2021-47886 is an unquoted service path vulnerability in Pingzapper 2.3.1 that allows local attackers to execute arbitrary code with elevated privi...

CVE-2021-47879 is an unquoted service path vulnerability in eBeam Interactive Suite 3.6's eBeam Stylus Driver service. Local attackers can place malic...

CVE-2021-47880 is an unquoted service path vulnerability in Realtek Wireless LAN Utility that allows local attackers to execute arbitrary code with SY...

CVE-2021-47878 is an unquoted service path vulnerability in eBeam Education Suite's Device Service that allows local attackers to execute arbitrary co...

CVE-2021-47874 is an unquoted service path vulnerability in VFS for Git's GVFS.Service Windows service that allows local attackers to execute arbitrar...

CVE-2021-47868 is an unquoted service path vulnerability in WIN-PACK PRO 4.8's WPCommandFileService that allows local attackers to execute arbitrary c...

CVE-2021-47869 is an unquoted service path vulnerability in Brother BRAdmin Professional 3.75's BRA_Scheduler service. This allows local attackers to ...

CVE-2021-47864 is an unquoted service path vulnerability in OSAS Traverse Extension 11's TravExtensionHostSvc service. Attackers with local access can...

WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in GuardTourService that allows local attackers to execute arbitrary code with SYSTEM...

CVE-2021-47867 is an unquoted service path vulnerability in WIN-PACK PRO 4.8's ScheduleService that allows local attackers to execute arbitrary code w...

Event Log Explorer 4.9.3 has an unquoted service path vulnerability that allows local attackers to execute arbitrary code with SYSTEM privileges. Atta...

CVE-2021-47862 is an unquoted service path vulnerability in Hi-Rez Studios' HiPatchService that allows local attackers to execute arbitrary code with ...

CVE-2021-47863 is an unquoted service path vulnerability in MacPaw Encrypto that allows local attackers to execute arbitrary code with elevated privil...

CVE-2021-47859 is an unquoted service path vulnerability in ActivIdentity 8.2's ac.sharedstore service that allows local attackers to execute arbitrar...

CVE-2021-47845 is an unquoted service path vulnerability in Spy Emergency 25.0.650 that allows local attackers to execute arbitrary code with SYSTEM p...

Disk Sorter Server 13.6.12 has an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated privileges. ...

This vulnerability allows local attackers to execute arbitrary code with SYSTEM privileges by exploiting an unquoted service path in DHCP Broadband. A...

CVE-2021-47833 is an unquoted service path vulnerability in WifiHotSpot 1.0.0.0 that allows local attackers to execute arbitrary code with LocalSystem...

CVE-2021-47823 is an unquoted service path vulnerability in Acer ePowerSvc that allows local attackers to execute arbitrary code with LocalSystem priv...