Total
187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27095 | 1 Battleye | 1 Battleye | 2022-05-26 | 7.2 HIGH | 7.8 HIGH |
| BattlEye v0.9 contains an unquoted service path which allows attackers to escalate privileges to the system level. | |||||
| CVE-2022-29320 | 1 Minitool | 1 Partition Wizard | 2022-05-26 | 7.2 HIGH | 7.8 HIGH |
| MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. | |||||
| CVE-2022-27905 | 1 Controlup | 1 Controlup | 2022-05-09 | 9.0 HIGH | 7.2 HIGH |
| In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive (C:\) to exploit this. | |||||
| CVE-2018-14789 | 1 Philips | 2 Intellispace Cardiovascular, Xcelera | 2022-04-22 | 4.6 MEDIUM | 6.7 MEDIUM |
| In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior), an unquoted search path or element vulnerability has been identified, which may allow an attacker to execute arbitrary code and escalate their level of privileges. | |||||
| CVE-2019-6145 | 1 Forcepoint | 1 Vpn Client | 2022-04-18 | 7.2 HIGH | 6.7 MEDIUM |
| Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach Labs for finding this vulnerability and for reporting it to us. | |||||
| CVE-2022-27089 | 1 Fujitsu | 1 Plugfree Network | 2022-04-15 | 7.2 HIGH | 7.8 HIGH |
| In Fujitsu PlugFree Network <= 7.3.0.3, an Unquoted service path in PFNService.exe software allows a local attacker to potentially escalate privileges to system level. | |||||
| CVE-2022-27088 | 1 Ivanti | 1 Dsm Remote | 2022-04-15 | 4.6 MEDIUM | 7.8 HIGH |
| Ivanti DSM Remote <= 6.3.1.1862 is vulnerable to an unquoted service path allowing local users to launch processes with elevated privileges. | |||||
| CVE-2022-23909 | 2 Gimmal, Microsoft | 2 Sherpa Connector Service, Windows | 2022-04-12 | 7.2 HIGH | 7.8 HIGH |
| There is an unquoted service path in Sherpa Connector Service (SherpaConnectorService.exe) 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file. | |||||
| CVE-2021-43458 | 1 Vembu | 1 Bdr Suite | 2022-04-12 | 7.2 HIGH | 7.8 HIGH |
| An Unquoted Service Path vulnerability exits in Vembu BDR 4.2.0.1 via a specially crafted file in the (1) hsflowd, (2) VembuBDR360Agent, or (3) VembuOffice365Agent service paths. | |||||
| CVE-2021-43457 | 1 Bvpn | 1 Bvpn | 2022-04-12 | 7.2 HIGH | 7.8 HIGH |
| An Unquoted Service Path vulnerability exists in bVPN 2.5.1 via a specially crafted file in the waselvpnserv service path. | |||||
| CVE-2021-43455 | 1 Freelan | 1 Freelan | 2022-04-11 | 7.2 HIGH | 7.8 HIGH |
| An Unquoted Service Path vulnerability exists in FreeLAN 2.2 via a specially crafted file in the FreeLAN Service path. | |||||
| CVE-2021-43454 | 1 Anytxt | 1 Anytxt Searcher | 2022-04-11 | 4.6 MEDIUM | 7.8 HIGH |
| An Unquoted Service Path vulnerability exists in AnyTXT Searcher 1.2.394 via a specially crafted file in the ATService path. . | |||||
| CVE-2021-43460 | 1 Systemexplorer | 1 System Explorer | 2022-04-11 | 7.2 HIGH | 7.8 HIGH |
| An Unquoted Service Path vulnerability exists in System Explorer 7.0.0 via via a specially crafted file in the SystemExplorerHelpService service executable path. | |||||
| CVE-2021-43463 | 1 Ext2 File System Driver Project | 1 Ext2 File System Driver | 2022-04-11 | 7.2 HIGH | 7.8 HIGH |
| An Unquoted Service Path vulnerability exists in Ext2Fsd v0.68 via a specially crafted file in the Ext2Srv Service executable service path. | |||||
| CVE-2022-27964 | 2 Microsoft, Netsarang | 2 Windows, Xmanager | 2022-04-08 | 6.9 MEDIUM | 6.5 MEDIUM |
| Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. | |||||
| CVE-2022-27052 | 1 Freesshd | 1 Freeftpd | 2022-04-08 | 7.2 HIGH | 7.8 HIGH |
| FreeFtpd version 1.0.13 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. | |||||
| CVE-2022-27963 | 2 Microsoft, Netsarang | 2 Windows, Xftp | 2022-04-08 | 6.9 MEDIUM | 6.5 MEDIUM |
| Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. | |||||
| CVE-2022-27050 | 2 Bitcomet, Microsoft | 2 Bitcomet, Windows | 2022-04-08 | 7.2 HIGH | 7.8 HIGH |
| BitComet Service for Windows before version 1.8.6 contains an unquoted service path vulnerability which allows attackers to escalate privileges to the system level. | |||||
| CVE-2022-27966 | 2 Microsoft, Netsarang | 2 Windows, Xshell | 2022-04-08 | 6.9 MEDIUM | 6.5 MEDIUM |
| Xshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. | |||||
| CVE-2022-27965 | 2 Microsoft, Netsarang | 2 Windows, Xlpd | 2022-04-08 | 6.9 MEDIUM | 6.5 MEDIUM |
| Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. | |||||