CWE-428: CWE-428

CVE-2021-27608 is an unquoted service path vulnerability in SAPSetup version 9.0 that allows local attackers to escalate privileges during installatio...

This CVE describes an unquoted search path vulnerability in NetBT Consulting Services Inc.'s E-Fatura software. Attackers can manipulate configuration...

This vulnerability allows a local attacker to escalate privileges by exploiting an unquoted search path in AMD Cloud Manageability Service. Attackers ...

This vulnerability in AMD's AIM-T Manageability Service allows local attackers to escalate privileges by exploiting an unquoted search path. Attackers...

This CVE describes an unquoted service path vulnerability in Electronic Arts Dragon Age Origins 1.05's DAUpdaterSVC service. Attackers with local acce...

This vulnerability allows local Windows users to escalate privileges to SYSTEM by exploiting an unquoted search path in Grafana Alloy. It affects Wind...

This vulnerability in HPE MSA storage products allows attackers to gain elevated system privileges through the VSS Provider and CAPI Proxy software. I...

This vulnerability allows an authenticated Windows user to escalate privileges by exploiting an unquoted service path in Intel Unite Client. Attackers...

This vulnerability in TFTPD64-SE 4.64 involves an unquoted search path issue in the tftpd64_svc.exe service. It allows local attackers to potentially ...

This vulnerability allows attackers with write access to a directory on the system drive to execute arbitrary code with SYSTEM privileges by exploitin...

This vulnerability allows local attackers to escalate privileges to SYSTEM on Windows systems by exploiting unquoted service paths in Oki Electric Ind...

This vulnerability allows attackers with file system access to execute arbitrary code through improper quotation in search paths in Eaton UPS Companio...

This vulnerability in ELECOM Clone for Windows allows local privilege escalation through an unquoted service path. Attackers with write access to the ...

CVE-2025-66461 is an unquoted service path vulnerability in GS Yuasa's FULLBACK Manager Pro software that allows local users with write permissions to...

This CVE describes an unquoted search path vulnerability in PRI Driver software that could allow local authenticated attackers to escalate privileges....

Sony Optical Disc Archive Software registers a Windows service with an unquoted file path, allowing local attackers with write permissions on the syst...

This vulnerability allows local attackers with write permissions on the system drive root directory to escalate privileges to SYSTEM level by exploiti...

This CVE describes an unquoted service path vulnerability in memoQ's Auto Update Service that allows local users to escalate privileges to SYSTEM leve...

This vulnerability allows local attackers with write permissions on the system drive root directory to escalate privileges to SYSTEM level by exploiti...

NAS Navigator2 Windows service has an unquoted file path vulnerability that allows local users with write permissions on the system drive root directo...

This vulnerability involves an unquoted search path in the ThermoscanIP_Scrutation service, allowing attackers to execute arbitrary code by placing ma...

CVE-2023-53912 is an unquoted service path vulnerability in USB Flash Drives Control 4.1.0.0 that allows local attackers to execute arbitrary code wit...

This vulnerability in Sunshine game streaming software allows path interception attacks when terminating the service on Windows. Attackers can place m...

This CVE describes an unquoted service path vulnerability in AnyDesk that allows local non-privileged users to escalate privileges to SYSTEM level. At...

CVE-2024-58288 is an unquoted service path vulnerability in Genexus Protection Server 9.7.2.10 that allows local attackers to escalate privileges to L...

This vulnerability allows local attackers with write permissions to directories preceding the UPSilon 2000 service executables to perform path interce...

This vulnerability allows local attackers with filesystem write access to escalate privileges to SYSTEM level by exploiting an unquoted service path i...