CWE-428: CWE-428

CVE-2021-47825 is an unquoted service path vulnerability in Acer Updater Service that allows local attackers to execute arbitrary code with LocalSyste...

CVE-2021-47826 is an unquoted service path vulnerability in Acer Backup Manager's NTI IScheduleSvc service that allows local attackers to execute arbi...

CVE-2021-47828 is an unquoted service path vulnerability in BOOTP Turbo 2.0.0.1253 that allows attackers to execute arbitrary code with LocalSystem pr...

DiskBoss Service 12.2.18 has an unquoted service path vulnerability that allows local attackers to execute arbitrary code with SYSTEM privileges. Atta...

CVE-2021-47787 is an unquoted service path vulnerability in TotalAV antivirus software that allows attackers with local access to place malicious exec...

CVE-2021-47773 is an unquoted service path vulnerability in Dynojet Power Core 2.3.0 that allows local authenticated users to execute arbitrary code w...

This vulnerability allows local attackers to escalate privileges to SYSTEM level by exploiting an unquoted service path in 10-Strike Network Inventory...

HTTPDebuggerPro 9.11 has an unquoted service path vulnerability that allows local attackers to execute arbitrary code with SYSTEM privileges by placin...

CVE-2023-54331 is an unquoted service path vulnerability in Outline 1.6.0 that allows local attackers to execute arbitrary code with LocalSystem privi...

CVE-2022-50933 is an unquoted service path vulnerability in Cain & Abel 4.9.56 that allows local attackers to execute arbitrary code with elevated Loc...

BlueSoleilCS 5.4.277 has an unquoted service path vulnerability in its Windows service configuration. This allows local attackers with write access to...

CVE-2022-50923 is an unquoted service path vulnerability in Cobian Backup 0.9 that allows local attackers to execute arbitrary code with LocalSystem p...

CVE-2022-50917 is an unquoted service path vulnerability in ProtonVPN's WireGuard service that allows local attackers to execute arbitrary code with e...

CVE-2022-50921 is an unquoted service path vulnerability in WOW21 5.0.1.9 that allows local attackers to execute arbitrary code with SYSTEM privileges...

CVE-2022-50915 is an unquoted service path vulnerability in PTPublisher's PTProtect service that allows local attackers to execute arbitrary code with...

Tosibox Key Service 3.3.0 has an unquoted service path vulnerability that allows local non-privileged users to execute arbitrary code with SYSTEM priv...

CVE-2025-66575 is an unquoted service path vulnerability in VeeVPN 1.6.1 that allows attackers to execute arbitrary code with LocalSystem privileges d...

This vulnerability allows attackers to escalate privileges by exploiting an unquoted service path in Kingosoft Technology Ltd Kingo ROOT software. Att...

An unquoted search path vulnerability in NetBak Replicator allows local attackers with user accounts to execute arbitrary code by placing malicious ex...

This CVE describes an unquoted search path vulnerability in Dell NetWorker that allows local attackers with low privileges to execute arbitrary code. ...

This vulnerability in CPython's venv module allows command injection when creating virtual environments with attacker-controlled path names. Attackers...

CVE-2024-2747 is an unquoted search path vulnerability in Schneider Electric's Easergy Studio software that allows local authenticated users to escala...

This vulnerability allows a local attacker to escalate privileges on Windows systems running vulnerable SugarSync versions. By exploiting an unquoted ...

This CVE describes an unquoted search path vulnerability in Faronics Deep Freeze Server Standard that allows local attackers to hijack the DFServ.exe ...

This vulnerability in HDD Health allows local attackers to escalate privileges by placing malicious executables in unquoted search paths. It affects u...

This vulnerability in PowerSYSTEM Center allows a local user with existing system access to escalate privileges by inserting malicious code into an un...

This vulnerability allows a local attacker to gain elevated privileges on Windows systems running HCL AppScan Presence service. Attackers can exploit ...

CVE-2023-4991 is an unquoted search path vulnerability in NextBX QWAlerter 4.50 that allows local attackers to execute arbitrary code by placing malic...

CVE-2023-36658 is an unquoted service path vulnerability in OPSWAT MetaDefender KIOSK 4.6.1.9996 that allows local attackers to escalate privileges by...

This vulnerability in Pointware EasyInventory 1.0.12.0 involves an unquoted search path in the Easy2W.exe executable, allowing local attackers to exec...

Wondershare Filmora 12 contains an unquoted service path vulnerability in the NativePushService component. This allows attackers with local access to ...

This vulnerability allows attackers to execute arbitrary code with SYSTEM privileges on Windows systems running vulnerable versions of 42Gears Sureloc...

CVE-2023-24671 is an unquoted service path vulnerability in VX Search that allows attackers with local access to escalate privileges by placing a mali...

This CVE describes an unquoted service path vulnerability in ASUS Aura Ready Game SDK service (GameSDK.exe) version 1.0.0.4. It allows local attackers...

CVE-2022-31591 is an unquoted service path vulnerability in SAP BusinessObjects BW Publisher Service that allows local attackers to execute arbitrary ...

MiniTool Partition Wizard v12.0 has an unquoted service path vulnerability that allows attackers with local access to escalate privileges to SYSTEM le...

BattlEye anti-cheat software v0.9 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to SYSTEM level b...

This vulnerability allows a local attacker to escalate privileges to SYSTEM level by exploiting an unquoted service path in Fujitsu PlugFree Network's...

This CVE describes an unquoted service path vulnerability in Sherpa Connector Service that allows local attackers to escalate privileges by placing a ...

This CVE describes an Unquoted Service Path vulnerability in System Explorer 7.0.0 that allows local attackers to escalate privileges by placing a mal...

This vulnerability allows local attackers to execute arbitrary code with SYSTEM privileges by placing a malicious executable in an unquoted service pa...

This CVE describes an Unquoted Service Path vulnerability in AnyTXT Searcher that allows local attackers to escalate privileges by placing a malicious...

CVE-2021-43456 is an unquoted service path vulnerability in Rumble Mail Server that allows local attackers to escalate privileges by placing a malicio...

CVE-2021-43458 is an unquoted service path vulnerability in Vembu BDR 4.2.0.1 that allows local attackers to escalate privileges by placing malicious ...

CVE-2022-27050 is an unquoted service path vulnerability in BitComet for Windows that allows local attackers to escalate privileges to SYSTEM level by...

This vulnerability in Akamai EAA Client involves an unquoted service path that could allow local attackers to escalate privileges by placing malicious...

This vulnerability in Zscaler Client Connector allows a local attacker to execute arbitrary code with SYSTEM privileges by exploiting an unquoted serv...

This vulnerability allows local attackers to escalate privileges on Windows systems running vulnerable Lexmark printer software. Attackers can exploit...

This vulnerability in Windscribe VPN client allows local attackers to escalate privileges by exploiting an unquoted service path in the WindscribeServ...

This vulnerability allows local privilege escalation to SYSTEM on Windows systems running vulnerable Aviatrix VPN Client versions. Attackers with loca...