CWE-428

An Unquoted Service Path vulnerablility exists in Rumble Mail Server 0.51.3135 via via a specially crafted file in the RumbleService executable service path.

An Unquoted Service Path vulnerability exists in bVPN 2.5.1 via a specially crafted file in the waselvpnserv service path.

An Unquoted Service Path vulnerability exits in Vembu BDR 4.2.0.1 via a specially crafted file in the (1) hsflowd, (2) VembuBDR360Agent, or (3) VembuOffice365Agent service paths.

An Unquoted Service Path vulnerability exists in System Explorer 7.0.0 via via a specially crafted file in the SystemExplorerHelpService service executable path.

An Unquoted Service Path vulnerability exists in Ext2Fsd v0.68 via a specially crafted file in the Ext2Srv Service executable service path.

There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) in versions prior to 18.0 on Windows. This may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.