Vulnerabilities > Unquoted Search Path or Element

DATE CVE VULNERABILITY TITLE RISK
2021-07-15 CVE-2020-11632 Unquoted Search Path or Element vulnerability in Zscaler Client Connector
The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to execute code with system privileges.
local
low complexity
zscaler CWE-428
7.8
2021-07-15 CVE-2021-35056 Unquoted Search Path or Element vulnerability in Unisys Stealth
Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task.
local
low complexity
unisys CWE-428
6.7
2021-07-14 CVE-2021-35469 Unquoted Search Path or Element vulnerability in Lexmark products
The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path.
local
low complexity
lexmark CWE-428
7.8
2021-06-09 CVE-2021-0112 Unquoted Search Path or Element vulnerability in Intel Unite
Unquoted service path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.
local
low complexity
intel CWE-428
7.3
2021-05-10 CVE-2020-22809 Unquoted Search Path or Element vulnerability in Windscribe 1.83.20
In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Service Path that facilitates privilege escalation.
local
low complexity
windscribe CWE-428
7.8
2021-04-29 CVE-2021-31776 Unquoted Search Path or Element vulnerability in Aviatrix VPN Client
Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators.
local
low complexity
aviatrix CWE-428
7.8
2021-04-22 CVE-2021-31553 Unquoted Search Path or Element vulnerability in Mediawiki
An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2.
network
low complexity
mediawiki CWE-428
6.5
2021-04-14 CVE-2021-27608 Unquoted Search Path or Element vulnerability in SAP Setup 9.0
An unquoted service path in SAPSetup, version - 9.0, could lead to privilege escalation during the installation process that is performed when an executable file is registered.
local
high complexity
sap CWE-428
7.5
2021-03-15 CVE-2021-23879 Unquoted Search Path or Element vulnerability in Mcafee Endpoint Product Removal Tool
Unquoted service path vulnerability in McAfee Endpoint Product Removal (EPR) Tool prior to 21.2 allows local administrators to execute arbitrary code, with higher-level privileges, via execution from a compromised folder.
local
low complexity
mcafee CWE-428
6.7
2021-02-03 CVE-2020-35152 Unquoted Search Path or Element vulnerability in Cloudflare Warp 1.2.2544.0
Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path.
local
low complexity
cloudflare CWE-428
7.8