Vulnerabilities > Unquoted Search Path or Element

DATE CVE VULNERABILITY TITLE RISK
2019-01-16 CVE-2017-3141 Unquoted Search Path or Element vulnerability in ISC Bind
The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this.
local
low complexity
isc CWE-428
7.2
2019-01-09 CVE-2018-16183 Unquoted Search Path or Element vulnerability in Panasonic products
An unquoted search path vulnerability in some pre-installed applications on Panasonic PC run on Windows 7 (32bit), Windows 7 (64bit), Windows 8 (64bit), Windows 8.1 (64bit), Windows 10 (64bit) delivered in or later than October 2009 allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges.
6.8
2018-08-22 CVE-2018-14789 Unquoted Search Path or Element vulnerability in Philips Intellispace Cardiovascular and Xcelera
In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior), an unquoted search path or element vulnerability has been identified, which may allow an attacker to execute arbitrary code and escalate their level of privileges.
local
low complexity
philips CWE-428
4.6
2018-08-10 CVE-2018-11063 Unquoted Search Path or Element vulnerability in Dell Wyse Management Suite
Dell WMS versions 1.1 and prior are impacted by multiple unquoted service path vulnerabilities.
local
low complexity
dell CWE-428
4.6
2018-07-10 CVE-2018-3688 Unquoted Search Path or Element vulnerability in Intel Quartus Prime Programmer and Tools
Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.
local
low complexity
intel CWE-428
4.6
2018-07-10 CVE-2018-3687 Unquoted Search Path or Element vulnerability in Intel Quartus II Programmer and Tools
Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code.
local
low complexity
intel CWE-428
4.6
2018-07-10 CVE-2018-3684 Unquoted Search Path or Element vulnerability in Intel Quartus II
Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code.
local
low complexity
intel CWE-428
4.6
2018-07-10 CVE-2018-3683 Unquoted Search Path or Element vulnerability in Intel Quartus Prime
Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.
local
low complexity
intel CWE-428
4.6
2018-07-10 CVE-2018-3668 Unquoted Search Path or Element vulnerability in Intel Processor Diagnostic Tool 4.1.0.24
Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code.
local
low complexity
intel CWE-428
4.6
2018-06-13 CVE-2017-11672 Unquoted Search Path or Element vulnerability in Opcfoundation Local Discovery Server 1.03.355
The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges.
local
low complexity
opcfoundation CWE-428
7.2