Falhas do tipo CWE-428
348 resultadosCVE-2023-38408CRITICALThe PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if EPSS 76.8%CVE-2020-15261HIGHUnquoted service path vulnerability on VeyonEPSS 11.1%CVE-2018-10619—An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may EPSS 2.8%CVE-2017-13993—An Uncontrolled Search Path or Element issue was discovered in i-SENS SmartLog Diabetes Management Software, Version 2.4.0 and prior versionEPSS 1.8%CVE-2020-5147—SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privilEPSS 1.7%CVE-2023-39464HIGHTriangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution VulnerabilityEPSS 1.6%CVE-2017-9644—An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; EPSS 1.4%CVE-2020-14521HIGHMitsubishi Electric Factory Automation Engineering Products Unquoted Search Path or ElementEPSS 1.2%CVE-2019-8459—Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the paEPSS 1.2%CVE-2023-31747HIGHWondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushServEPSS 1.2%CVE-2022-37197HIGHIOBit IOTransfer V4 is vulnerable to Unquoted Service Path.EPSS 1.1%CVE-2014-5455MEDIUMUnquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect versionEPSS 1.0%CVE-2021-45460—A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18). A service is started by an unquoted registry entry. As therEPSS 0.8%CVE-2019-7590MEDIUMexacqVision Server Unquoted Service PathEPSS 0.8%CVE-2016-15003MEDIUMFileZilla Client Installer uninstall.exe unquoted search pathEPSS 0.7%CVE-2017-12730—An Unquoted Search Path issue was discovered in mySCADA myPRO Versions 7.0.26 and prior. Application services utilize unquoted search path eEPSS 0.7%CVE-2016-20058HIGHNetgate AMITI Antivirus build 23.0.305 Unquoted Service Path Privilege EscalationEPSS 0.7%CVE-2017-6015—Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, wEPSS 0.7%CVE-2024-31804MEDIUMAn unquoted service path vulnerability in Terratec DMX_6Fire USB v.1.23.0.02 allows a local attacker to escalate privileges via the Program.EPSS 0.7%CVE-2024-9287MEDIUMVirtual environment (venv) activation scripts don't quote pathsEPSS 0.6%