Vulnerabilities > Unquoted Search Path or Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-04 | CVE-2021-43458 | Unquoted Search Path or Element vulnerability in Vembu BDR Suite 4.2.0.1 An Unquoted Service Path vulnerability exits in Vembu BDR 4.2.0.1 via a specially crafted file in the (1) hsflowd, (2) VembuBDR360Agent, or (3) VembuOffice365Agent service paths. | 7.2 |
| 2022-03-31 | CVE-2022-27050 | Unquoted Search Path or Element vulnerability in Bitcomet BitComet Service for Windows before version 1.8.6 contains an unquoted service path vulnerability which allows attackers to escalate privileges to the system level. | 7.2 |
| 2022-03-31 | CVE-2022-27052 | Unquoted Search Path or Element vulnerability in Freesshd Freeftpd FreeFtpd version 1.0.13 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. | 7.2 |
| 2022-03-31 | CVE-2022-27963 | Unquoted Search Path or Element vulnerability in Netsarang Xftp Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. | 6.9 |
| 2022-03-31 | CVE-2022-27964 | Unquoted Search Path or Element vulnerability in Netsarang Xmanager 3.0.127/3.0.218/4.0.165 Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. | 6.9 |
| 2022-03-31 | CVE-2022-27965 | Unquoted Search Path or Element vulnerability in Netsarang Xlpd Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. | 6.9 |
| 2022-03-31 | CVE-2022-27966 | Unquoted Search Path or Element vulnerability in Netsarang Xshell 7 Xshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. | 6.9 |
| 2022-03-17 | CVE-2022-0237 | Unquoted Search Path or Element vulnerability in Rapid7 Insight Agent Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the ir_agent.exe component, resulting in elevated rights and persistent access to the machine. | 7.2 |
| 2022-03-03 | CVE-2021-45819 | Unquoted Search Path or Element vulnerability in Wordline Hidccemonitorsvc Wordline HIDCCEMonitorSVC before v5.2.4.3 contains an unquoted service path which allows attackers to escalate privileges to the system level. | 7.2 |
| 2022-03-03 | CVE-2022-25031 | Unquoted Search Path or Element vulnerability in Rdpsoft Remote Desktop Commander Suite Agent Remote Desktop Commander Suite Agent before v4.8 contains an unquoted service path which allows attackers to escalate privileges to the system level. | 6.9 |