Vulnerabilities > Unquoted Search Path or Element

DATE CVE VULNERABILITY TITLE RISK
2024-07-31 CVE-2024-31201 Unquoted Search Path or Element vulnerability in Proges Thermoscan IP 20211103
A “CWE-428: Unquoted Search Path or Element” affects the ThermoscanIP_Scrutation service.
local
low complexity
proges CWE-428
6.7
2024-07-15 CVE-2024-5402 Unquoted Search Path or Element vulnerability in ABB Mint Workbench 5866/5868
Unquoted Search Path or Element vulnerability in ABB Mint Workbench. A local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service. This issue affects Mint Workbench I versions: from 5866 before 5868.
local
low complexity
abb CWE-428
7.8
2024-06-12 CVE-2024-2747 Unquoted Search Path or Element vulnerability in Schneider-Electric Easergy Studio
CWE-428: Unquoted search path or element vulnerability exists in Easergy Studio, which could cause privilege escalation when a valid user replaces a trusted file name on the system and reboots the machine.
local
low complexity
schneider-electric CWE-428
7.8
2024-02-02 CVE-2024-1201 Unquoted Search Path or Element vulnerability in Panterasoft HDD Health 4.2.0.112
Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier.
local
low complexity
panterasoft CWE-428
7.8
2024-02-02 CVE-2020-24682 Unquoted Search Path or Element vulnerability in Br-Automation Automation Studio
Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Automation Studio: from 4.0 through 4.6, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9.0 before 4.9.4 SP; NET/PVI: from 4.0 through 4.6, from 4.7.0 before 4.7.7, from 4.8.0 before 4.8.6, from 4.9.0 before 4.9.4.
local
low complexity
br-automation CWE-428
7.8
2024-01-31 CVE-2023-7043 Unquoted Search Path or Element vulnerability in Eset products
Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.
local
low complexity
eset CWE-428
5.5
2024-01-08 CVE-2023-6631 Unquoted Search Path or Element vulnerability in Subnet Powersystem Center 2020
PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.
local
low complexity
subnet CWE-428
7.8
2023-11-14 CVE-2023-25075 Unquoted Search Path or Element vulnerability in Intel Server Configuration Utility 16.0.7/16.0.8
Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-428
7.8
2023-11-14 CVE-2023-29165 Unquoted Search Path or Element vulnerability in Intel ARC a Graphics and Iris XE Graphics
Unquoted search path or element in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-428
7.3
2023-11-14 CVE-2023-32658 Unquoted Search Path or Element vulnerability in Intel Hdmi Firmware
Unquoted search path in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-428
7.3