Search Results (Refine Search)
- Keyword (text search): unquoted search path
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-23774 |
An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KSchedulerSvc.exe and AMPTools.exe components. This allows local attackers to execute code of their choice with NT Authority\SYSTEM privileges. Published: April 30, 2024; 10:15:15 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34010 |
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758. Published: April 29, 2024; 12:15:35 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-4031 |
Unquoted Search Path or Element vulnerability in Logitech MEVO WEBCAM APP on Windows allows Local Execution of Code. Published: April 23, 2024; 3:15:43 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-1618 |
A search path or unquoted item vulnerability in Faronics Deep Freeze Server Standard, which affects versions 8.30.020.4627 and earlier. This vulnerability affects the DFServ.exe file. An attacker with local user privileges could exploit this vulnerability to replace the legitimate DFServ.exe service executable with a malicious file of the same name and located in a directory that has a higher priority than the legitimate directory. Thus, when the service starts, it will run the malicious file instead of the legitimate executable, allowing the attacker to execute arbitrary code, gain unauthorized access to the compromised system or stop the service from running. Published: March 12, 2024; 11:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-24542 |
Unquoted search path or element in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access. Published: February 14, 2024; 9:15:40 AM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-1201 |
Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege escalation. Published: February 02, 2024; 7:15:49 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2020-24682 |
Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Automation Studio: from 4.0 through 4.6, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9.0 before 4.9.4 SP; NET/PVI: from 4.0 through 4.6, from 4.7.0 before 4.7.7, from 4.8.0 before 4.8.6, from 4.9.0 before 4.9.4. Published: February 02, 2024; 3:15:45 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-32658 |
Unquoted search path in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Published: November 14, 2023; 2:15:26 PM -0500 |
V3.1: 7.3 HIGH V2.0:(not available) |
CVE-2023-29165 |
Unquoted search path or element in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable escalation of privilege via local access. Published: November 14, 2023; 2:15:24 PM -0500 |
V3.1: 7.3 HIGH V2.0:(not available) |
CVE-2023-25075 |
Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. Published: November 14, 2023; 2:15:19 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2021-26738 |
Zscaler Client Connector for macOS prior to 3.7 had an unquoted search path vulnerability via the PATH variable. A local adversary may be able to execute code with root privileges. Published: October 23, 2023; 10:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2021-26735 |
The Zscaler Client Connector Installer and Unsintallers for Windows prior to 3.6 had an unquoted search path vulnerability. A local adversary may be able to execute code with SYSTEM privileges. Published: October 23, 2023; 10:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-42486 |
Fortect - CWE-428: Unquoted Search Path or Element, may be used by local user to elevate privileges. Published: September 27, 2023; 11:19:32 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-5012 |
A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requirement. Upgrading to version 2.12.0.259 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-239853 was assigned to this vulnerability. Published: September 16, 2023; 5:15:47 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-4991 |
A vulnerability was found in NextBX QWAlerter 4.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file QWAlerter.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. The identifier of this vulnerability is VDB-239804. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: September 15, 2023; 12:15:08 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-22841 |
Unquoted search path in the software installer for the System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset before version 16.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access. Published: August 10, 2023; 11:15:17 PM -0400 |
V3.1: 7.3 HIGH V2.0:(not available) |
CVE-2023-3842 |
A vulnerability was found in Pointware EasyInventory 1.0.12.0 and classified as critical. This issue affects some unknown processing of the file C:\Program Files (x86)\EasyInventory\Easy2W.exe. The manipulation leads to unquoted search path. Attacking locally is a requirement. The identifier VDB-235193 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: July 23, 2023; 12:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-3438 |
An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services. Published: July 03, 2023; 4:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-0357 |
Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Published: May 24, 2023; 4:15:08 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-2644 |
A vulnerability, which was classified as problematic, has been found in DigitalPersona FPSensor 1.0.0.1. This issue affects some unknown processing of the file C:\Program Files (x86)\FPSensor\bin\DpHost.exe. The manipulation leads to unquoted search path. Attacking locally is a requirement. The identifier VDB-228773 was assigned to this vulnerability. Published: May 11, 2023; 3:15:08 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |