Total
207 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1000475 | 1 Freesshd | 1 Freesshd | 2024-11-21 | N/A |
| FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allowing local users to launch processes with elevated privileges. | ||||
| CVE-2012-0945 | 1 Whoopsie-daisy Project | 1 Whoopsie-daisy | 2024-11-21 | 4.9 Medium |
| whoopsie-daisy before 0.1.26: Root user can remove arbitrary files | ||||
| CVE-2024-9325 | 1 Intelbras | 2 Incontrol, Incontrol Web | 2024-11-04 | 7.8 High |
| A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20. | ||||
| CVE-2024-8996 | 2 Grafana, Microsoft | 3 Agent, Agent Flow Windows, Windows | 2024-10-01 | 7.3 High |
| Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2 | ||||
| CVE-2022-27592 | 1 Qnap | 1 Qvr Smart Client | 2024-09-24 | 6.7 Medium |
| An unquoted search path or element vulnerability has been reported to affect QVR Smart Client. If exploited, the vulnerability could allow local authenticated administrators to execute unauthorized code or commands via unspecified vectors. We have already fixed the vulnerability in the following version: Windows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Smart Client 2.4.0.0570 and later | ||||
| CVE-2024-31201 | 2 Plug And Track, Proges | 2 Thermoscan Ip, Thermoscan Ip | 2024-08-12 | 6.5 Medium |
| A “CWE-428: Unquoted Search Path or Element” affects the ThermoscanIP_Scrutation service. Such misconfiguration could be abused in scenarios where incorrect permissions were assigned to the C:\ path to attempt a privilege escalation on the local machine. | ||||
| CVE-2024-5963 | 1 Hitachi | 1 Device Manager | 2024-08-08 | 6.7 Medium |
| Unquoted Executable Path vulnerability in Hitachi Device Manager on Windows (Device Manager Server component).This issue affects Hitachi Device Manager: before 8.8.7-00. | ||||