CVEs classified under CWE-428, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2022-50935 — CVSS 9.8 (critical): Flame II HSPA USB Modem contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the…
CVE-2023-38408 — CVSS 9.8 (critical): The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if…
CVE-2022-36344 — CVSS 9.8 (critical): An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate…
CVE-2020-9292 — CVSS 9.8 (critical): An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the…
CVE-2019-17658 — CVSS 9.8 (critical): An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to…
CVE-2019-8459 — CVSS 9.8 (critical): Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the…
CVE-2025-8070: The Windows service configuration of ABP and AES contains an unquoted ImagePath registry value vulnerability. This allows a local attacker…
CVE-2024-24722 — CVSS 9.1 (critical): An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain…
CVE-2025-12507 — CVSS 8.8 (high): The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS…
CVE-2023-27298 — CVSS 8.8 (high): Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated…
CVE-2020-27645 — CVSS 8.8 (high): The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance…
CVE-2020-27644 — CVSS 8.8 (high): The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance…
CVE-2016-5793 — CVSS 8.8 (high): Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse…
CVE-2024-58288: Genexus Protection Server 9.7.2.10 contains an unquoted service path vulnerability in the protsrvservice Windows service configuration…
CVE-2020-36879: Flexsense DiskBoss 11.7.28 allows unauthenticated attackers to elevate their privileges using any of its services, enabling remote code…
CVE-2025-36384 — CVSS 8.4 (high): IBM Db2 for Windows 12.1.0 - 12.1.3 could allow a local user with filesystem access to escalate their privileges due to the use of an…
CVE-2023-54338 — CVSS 8.4 (high): Tftpd32 SE 4.60 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with…
CVE-2023-54336 — CVSS 8.4 (high): Mediconta 3.7.27 contains an unquoted service path vulnerability in the servermedicontservice that allows local users to potentially…
CVE-2023-53984 — CVSS 8.4 (high): Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged…
CVE-2022-50938 — CVSS 8.4 (high): CONTPAQi AdminPAQ 14.0.0 contains an unquoted service path vulnerability in the AppKeyLicenseServer service running with LocalSystem…
CVE-2022-50930 — CVSS 8.4 (high): Emerson PAC Machine Edition 9.80 contains an unquoted service path vulnerability in the TrapiServer service that allows local users to…
CVE-2022-50929 — CVSS 8.4 (high): Connectify Hotspot 2018 contains an unquoted service path vulnerability in its ConnectifyService executable that allows local attackers to…
CVE-2022-50924 — CVSS 8.4 (high): Private Internet Access 3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code…
CVE-2022-50920 — CVSS 8.4 (high): Sandboxie-Plus 5.50.2 contains an unquoted service path vulnerability in the SbieSvc Windows service that allows local attackers to…
CVE-2022-50918 — CVSS 8.4 (high): VIVE Runtime Service 1.0.0.4 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with…
CVE-2022-50914 — CVSS 8.4 (high): EaseUS Data Recovery 15.1.0.0 contains an unquoted service path vulnerability in the EaseUS UPDATE SERVICE executable. Attackers can…
CVE-2022-50913 — CVSS 8.4 (high): ITeC ITeCProteccioAppServer contains an unquoted service path vulnerability that allows local attackers to execute code with elevated…
CVE-2022-50904 — CVSS 8.4 (high): Wondershare UBackit 2.0.5 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code…
CVE-2022-50903 — CVSS 8.4 (high): Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to…
CVE-2022-50901 — CVSS 8.4 (high): Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially…
CVE-2022-50900 — CVSS 8.4 (high): Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated…
CVE-2022-50693 — CVSS 8.4 (high): Splashtop 8.71.12001.0 contains an unquoted service path vulnerability in the Splashtop Software Updater Service that allows local…
CVE-2019-25231 — CVSS 8.4 (high): devolo dLAN Cockpit 4.3.1 contains an unquoted service path vulnerability in the 'DevoloNetworkService' that allows local non-privileged…
CVE-2020-36903 — CVSS 8.4 (high): Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service configuration that allows local users…
CVE-2021-47739 — CVSS 8.4 (high): Epic Games Easy Anti-Cheat 4.0 contains an unquoted service path vulnerability that allows local non-privileged users to execute arbitrary…
CVE-2023-53965 — CVSS 8.4 (high): SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute…
CVE-2022-50688 — CVSS 8.4 (high): Cobian Backup Gravity 11.2.0.582 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary…
CVE-2023-53947 — CVSS 8.4 (high): OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system…
CVE-2023-53946 — CVSS 8.4 (high): Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers…
CVE-2025-10714 — CVSS 8.4 (high): AXIS Optimizer was vulnerable to an unquoted search path vulnerability, which could potentially lead to privilege escalation within…
CVE-2020-5569 — CVSS 8.4 (high): An unquoted search path vulnerability exists in HDD Password tool (for Windows) version 1.20.6620 and earlier which is stored in CANVIO…
CVE-2024-34010 — CVSS 8.2 (high): Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud…
CVE-2021-45460 — CVSS 8.1 (high): A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18). A service is started by an unquoted registry entry. As…
CVE-2020-15261 — CVSS 8.0 (high): On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users…
CVE-2025-71326 — CVSS 7.8 (high): AVAST Antivirus 25.11 contains an unquoted service path vulnerability in the SecureLine service that allows local non-privileged users to…
CVE-2023-54353 — CVSS 7.8 (high): Chromacam 4.0.3.0 contains an unquoted service path vulnerability in the PsyFrameGrabberService that allows local attackers to execute…
CVE-2022-50971 — CVSS 7.8 (high): Malwarebytes 4.5 contains an unquoted service path vulnerability in the MBAMService executable that allows local attackers to escalate…
CVE-2021-47985 — CVSS 7.8 (high): Brother SAPSprint 7.60 contains an unquoted service path vulnerability in the SAPSprint service binary that allows local attackers to…
CVE-2020-37254 — CVSS 7.8 (high): Wondershare PDFelement 5.2.9 contains a privilege escalation vulnerability due to an unquoted service path in the WsAppService Windows…
CVE-2020-37253 — CVSS 7.8 (high): Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate…