Vulnerabilities > Unquoted Search Path or Element

DATE CVE VULNERABILITY TITLE RISK
2022-01-11 CVE-2021-45460 Unquoted Search Path or Element vulnerability in Siemens Sicam PQ Analyzer Firmware 3.11
A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18).
network
low complexity
siemens CWE-428
5.5
2021-11-26 CVE-2021-25269 Unquoted Search Path or Element vulnerability in Sophos products
A local administrator could prevent the HMPA service from starting despite tamper protection using an unquoted service path vulnerability in the HMPA component of Sophos Intercept X Advanced and Sophos Intercept X Advanced for Server before version 2.0.23, as well as Sophos Exploit Prevention before version 3.8.3.
local
low complexity
sophos CWE-428
2.1
2021-11-18 CVE-2021-23197 Unquoted Search Path or Element vulnerability in Gallagher Command Centre
Unquoted service path vulnerability in the Gallagher Controller Service allows an unprivileged user to execute arbitrary code as the account that runs the Controller Service.
local
low complexity
gallagher CWE-428
4.6
2021-11-17 CVE-2021-33095 Unquoted Search Path or Element vulnerability in Intel NUC M15 Laptop KIT Keyboard LED Service Driver Pack
Unquoted search path in the installer for the Intel(R) NUC M15 Laptop Kit Keyboard LED Service driver pack before version 1.0.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-428
7.2
2021-11-12 CVE-2021-42563 Unquoted Search Path or Element vulnerability in NI Service Locator
There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) in versions prior to 18.0 on Windows.
local
low complexity
ni CWE-428
4.6
2021-10-25 CVE-2021-35231 Unquoted Search Path or Element vulnerability in Solarwinds Kiwi Syslog Server
As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry.
local
low complexity
solarwinds CWE-428
4.6
2021-10-04 CVE-2021-40683 Unquoted Search Path or Element vulnerability in Akamai Enterprise Application Access 2.0.1/2.4.0
In Akamai EAA (Enterprise Application Access) Client before 2.3.1, 2.4.x before 2.4.1, and 2.5.x before 2.5.3, an unquoted path may allow an attacker to hijack the flow of execution.
local
akamai CWE-428
4.4
2021-07-15 CVE-2020-11632 Unquoted Search Path or Element vulnerability in Zscaler Client Connector
The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to execute code with system privileges.
local
low complexity
zscaler CWE-428
7.2
2021-07-15 CVE-2021-35056 Unquoted Search Path or Element vulnerability in Unisys Stealth
Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task.
local
low complexity
unisys CWE-428
4.6
2021-07-14 CVE-2021-35469 Unquoted Search Path or Element vulnerability in Lexmark products
The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path.
local
low complexity
lexmark CWE-428
7.2