Total
201 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-4873 | 1 Adobe | 1 Creative Cloud | 2024-08-05 | N/A |
| Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Unquoted Search Path vulnerability. Successful exploitation could lead to local privilege escalation. | ||||
| CVE-2018-3668 | 1 Intel | 1 Processor Diagnostic Tool | 2024-08-05 | N/A |
| Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code. | ||||
| CVE-2018-3688 | 1 Intel | 1 Quartus Prime Programmer And Tools | 2024-08-05 | N/A |
| Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code. | ||||
| CVE-2018-3687 | 1 Intel | 1 Quartus Ii Programmer And Tools | 2024-08-05 | N/A |
| Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code. | ||||
| CVE-2018-3683 | 1 Intel | 1 Quartus Prime | 2024-08-05 | N/A |
| Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code. | ||||
| CVE-2018-3684 | 1 Intel | 1 Quartus Ii | 2024-08-05 | N/A |
| Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code. | ||||
| CVE-2018-2406 | 1 Sap | 1 Crystal Reports Server | 2024-08-05 | N/A |
| Unquoted windows search path (directory/path traversal) vulnerability in Crystal Reports Server, OEM Edition (CRSE), 4.0, 4.10, 4.20, 4.30, startup path. | ||||
| CVE-2019-20357 | 2 Microsoft, Trendmicro | 9 Windows, Antivirus \+ Security 2019, Antivirus \+ Security 2020 and 6 more | 2024-08-05 | 7.8 High |
| A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system. | ||||
| CVE-2019-20362 | 2 Microsoft, Teradici | 4 Windows, Pcoip Client, Pcoip Graphics Agent and 1 more | 2024-08-05 | 7.8 High |
| In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause execution of %PROGRAMFILES(X86)%\Teradici\PCoIP.exe instead of the intended pcoip_vchan_printing_svc.exe file. | ||||
| CVE-2019-19705 | 1 Lenovo | 272 Aio300-23isu, Aio300-23isu Firmware, Aio310-20iap and 269 more | 2024-08-05 | 7.8 High |
| Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading. | ||||
| CVE-2019-18915 | 1 Hp | 1 System Event Utility | 2024-08-05 | 7.8 High |
| A potential security vulnerability has been identified with certain versions of HP System Event Utility prior to version 1.4.33. This vulnerability may allow a local attacker to execute arbitrary code via an HP System Event Utility system service. | ||||
| CVE-2019-18245 | 1 Reliablecontrols | 1 Rc-licensemanager | 2024-08-05 | 7.8 High |
| Reliable Controls LicenseManager versions 3.4 and prior may allow an authenticated user to insert malicious code into the system root path, which may allow execution of code with elevated privileges of the application. | ||||
| CVE-2019-16647 | 2 Maxthon, Microsoft | 2 Maxthon Browser, Windows | 2024-08-05 | 7.2 High |
| Unquoted Search Path in Maxthon 5.1.0 to 5.2.7 Browser for Windows. | ||||
| CVE-2019-14685 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus \+ Security 2019, Internet Security 2019 and 2 more | 2024-08-05 | N/A |
| A local privilege escalation vulnerability exists in Trend Micro Security 2019 (v15.0) in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service. | ||||
| CVE-2019-11093 | 1 Intel | 1 Scs Discovery Utility | 2024-08-04 | N/A |
| Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-8459 | 1 Checkpoint | 6 Capsule Docs Standalone Client, Endpoint Security Clients, Endpoint Security Server Package and 3 more | 2024-08-04 | N/A |
| Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one. | ||||
| CVE-2019-7487 | 2 Microsoft, Sonicwall | 3 Windows, Sonicos, Sonicos Sslvpn Nacagent | 2024-08-04 | 7.8 High |
| Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution. | ||||
| CVE-2019-7201 | 1 Qnap | 1 Netbak Replicator | 2024-08-04 | 7.8 High |
| An unquoted service path vulnerability is reported to affect the service QVssService in QNAP NetBak Replicator. This vulnerability could allow an authorized but non-privileged local user to execute arbitrary code with elevated system privileges. QNAP have already fixed this issue in QNAP NetBak Replicator 4.5.12.1108. | ||||
| CVE-2019-6145 | 1 Forcepoint | 1 Vpn Client | 2024-08-04 | 6.7 Medium |
| Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach Labs for finding this vulnerability and for reporting it to us. | ||||
| CVE-2019-6008 | 1 Yokogawa | 8 Exaopc, Exaplog, Exaquantum and 5 more | 2024-08-04 | 7.8 High |
| An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00), Exaplog (R1.10.00 ? R3.40.00), Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00), Exaquantum/Batch (R1.01.00 ? R2.50.40), Exasmoc (all revisions), Exarqe (all revisions), GA10 (R1.01.01 ? R3.05.01), and InsightSuiteAE (R1.01.00 ? R1.06.00)) allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges. | ||||