Vulnerabilities > Unquoted Search Path or Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-29 | CVE-2020-27645 | Unquoted Search Path or Element vulnerability in 1E Client 5.0.0.745 The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance.Metrics.exe. | 6.5 |
| 2020-12-29 | CVE-2020-27644 | Unquoted Search Path or Element vulnerability in 1E Client 5.0.0.745 The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance.Metrics.exe. | 6.5 |
| 2020-11-19 | CVE-2020-28209 | Unquoted Search Path or Element vulnerability in Schneider-Electric Enterprise Server Installer 1.9/3.1 A CWE-428 Windows Unquoted Search Path vulnerability exists in EcoStruxure Building Operation Enterprise Server installer V1.9 - V3.1 and Enterprise Central installer V2.0 - V3.1 that could cause any local Windows user who has write permission on at least one of the subfolders of the Connect Agent service binary path, being able to gain the privilege of the user who started the service. | 4.4 |
| 2020-11-12 | CVE-2020-7331 | Unquoted Search Path or Element vulnerability in Mcafee Endpoint Security Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files. | 7.8 |
| 2020-11-02 | CVE-2020-27992 | Unquoted Search Path or Element vulnerability in Wondershare Dr.Fone 3.0.0 Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILES(X86)%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users. | 7.2 |
| 2020-10-19 | CVE-2020-15261 | Unquoted Search Path or Element vulnerability in Veyon On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. | 6.7 |
| 2020-10-07 | CVE-2020-7316 | Unquoted Search Path or Element vulnerability in Mcafee File and Removable Media Protection Unquoted service path vulnerability in McAfee File and Removable Media Protection (FRP) prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a compromised folder. | 7.8 |
| 2020-09-09 | CVE-2020-10051 | Unquoted Search Path or Element vulnerability in Siemens Simatic Rtls Locating Manager 2.10/2.9.3 A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). | 7.2 |
| 2020-09-03 | CVE-2020-7382 | Unquoted Search Path or Element vulnerability in Rapid7 Nexpose Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. | 4.4 |
| 2020-07-29 | CVE-2020-13699 | Unquoted Search Path or Element vulnerability in Teamviewer TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. | 6.8 |