Total
187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-25552 | 2024-03-01 | N/A | 7.8 HIGH | ||
| A local attacker can gain administrative privileges by inserting an executable file in the path of the affected product. | |||||
| CVE-2023-24542 | 2024-02-14 | N/A | 6.7 MEDIUM | ||
| Unquoted search path or element in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-24682 | 2 Br-automation, Microsoft | 3 Automation Net\/pvi, Automation Studio, Windows | 2024-02-10 | N/A | 7.8 HIGH |
| Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Automation Studio: from 4.0 through 4.6, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9.0 before 4.9.4 SP; NET/PVI: from 4.0 through 4.6, from 4.7.0 before 4.7.7, from 4.8.0 before 4.8.6, from 4.9.0 before 4.9.4. | |||||
| CVE-2024-1201 | 1 Panterasoft | 1 Hdd Health | 2024-02-09 | N/A | 7.8 HIGH |
| Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege escalation. | |||||
| CVE-2023-7043 | 1 Eset | 6 Endpoint Antivirus, Endpoint Security, Internet Security and 3 more | 2024-02-09 | N/A | 5.5 MEDIUM |
| Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions. | |||||
| CVE-2023-6631 | 1 Subnet | 1 Powersystem Center | 2024-01-11 | N/A | 7.8 HIGH |
| PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges. | |||||
| CVE-2023-25075 | 1 Intel | 1 Server Configuration Utility | 2023-11-28 | N/A | 7.8 HIGH |
| Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-32658 | 1 Intel | 11 Hdmi Firmware, Nuc 7 Business Nuc7i3dnhnc, Nuc 7 Business Nuc7i3dnktc and 8 more | 2023-11-20 | N/A | 7.3 HIGH |
| Unquoted search path in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-0392 | 1 Okta | 1 Ldap Agent | 2023-11-16 | N/A | 6.7 MEDIUM |
| The LDAP Agent Update service with versions prior to 5.18 used an unquoted path, which could allow arbitrary code execution. | |||||
| CVE-2020-7331 | 1 Mcafee | 1 Endpoint Security | 2023-11-15 | 4.6 MEDIUM | 7.8 HIGH |
| Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files. | |||||
| CVE-2023-27386 | 1 Intel | 1 Pathfinder For Risc-v | 2023-11-07 | N/A | 7.3 HIGH |
| Uncontrolled search path in some Intel(R) Pathfinder for RISC-V software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-27298 | 1 Intel | 1 Wake Up Latency Tracer | 2023-11-07 | N/A | 8.8 HIGH |
| Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2023-24671 | 2 Microsoft, Vxsearch | 2 Windows, Vx Search | 2023-11-07 | N/A | 7.8 HIGH |
| VX Search v13.8 and v14.7 was discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file. | |||||
| CVE-2023-24575 | 1 Dell | 1 Multifunction Printer E525w Driver And Software Suite | 2023-11-07 | N/A | 7.8 HIGH |
| Dell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system | |||||
| CVE-2023-22841 | 1 Intel | 2 C621a, Server Firmware Update Utility | 2023-11-07 | N/A | 7.3 HIGH |
| Unquoted search path in the software installer for the System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset before version 16.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-4429 | 1 Avira | 1 Avira Security | 2023-11-07 | N/A | 4.4 MEDIUM |
| Avira Security for Windows contains an unquoted service path which allows attackers with local administrative privileges to cause a Denial of Service. The issue was fixed with Avira Security version 1.1.78 | |||||
| CVE-2022-4258 | 2 Hima, Microsoft | 5 Hopcs, X-opc A\+e, X-opc Da and 2 more | 2023-11-07 | N/A | 7.8 HIGH |
| In multiple versions of HIMA PC based Software an unquoted Windows search path vulnerability might allow local users to gain privileges via a malicious .exe file and gain full access to the system. | |||||
| CVE-2022-43474 | 1 Intel | 2 Dsp Builder, Quartus Prime | 2023-11-07 | N/A | 7.8 HIGH |
| Uncontrolled search path for the DSP Builder software installer before version 22.4 for Intel(R) FPGAs Pro Edition may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-41693 | 1 Intel | 1 Quartus Prime | 2023-11-07 | N/A | 7.8 HIGH |
| Uncontrolled search path in the Intel(R) Quartus(R) Prime Pro edition software before version 22.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-38101 | 1 Intel | 3 Iflashv, Nuc 8 Rugged Kit Nuc8cchkr, Nuc Board Nuc8cchb | 2023-11-07 | N/A | 7.8 HIGH |
| Uncontrolled search path in some Intel(R) NUC Chaco Canyon BIOS update software before version iFlashV Windows 5.13.00.2105 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||