• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-428

CVE-2022-35899

February 23, 2023 by godfreyd94

There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%ASUSGameSDK.exe file.

CVE-2022-35292

February 23, 2023 by godfreyd94

In SAP Business One application when a service is created, the executable path contains spaces and isn’t enclosed within quotes, leading to a vulnerability known as Unquoted Service Path which allows a user to gain SYSTEM privileges. If the service is exploited by adversaries, it can be used to gain privileged permissions on a system or network leading to high impact on Confidentiality, Integrity, and Availability.

CVE-2022-33920

February 23, 2023 by godfreyd94

Dell GeoDrive, versions prior to 2.2, contains an Unquoted File Path vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.

CVE-2022-31591

February 23, 2023 by godfreyd94

SAP BusinessObjects BW Publisher Service – versions 420, 430, uses a search path that contains an unquoted element. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service

CVE-2022-29320

February 23, 2023 by godfreyd94

MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level.

CVE-2022-27963

February 23, 2023 by godfreyd94

Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 14
  • Go to page 15
  • Go to page 16
  • Go to page 17
  • Go to page 18
  • Go to page 19
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE