Export limit exceeded: 364647 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (2570 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-25266 1 Wondershare 1 Application Framework Service 2026-04-15 7.8 High
Wondershare Application Framework Service 2.4.3.231 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific directory locations to hijack the service's execution context.
CVE-2024-36280 1 Intel 1 High Level Synthesis Compiler 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) High Level Synthesis Compiler software before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-36283 2026-04-15 6.7 Medium
Uncontrolled search path for the Intel(R) Thread Director Visualizer software before version 1.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-36291 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) Chipset Software Installation Utility before version 10.1.19867.8574 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-36321 2026-04-15 7.3 High
Unquoted search path within AIM-T Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrary code execution.
CVE-2024-33578 1 Lenovo 1 Leyun 2026-04-15 7.8 High
A DLL hijack vulnerability was reported in Lenovo Leyun that could allow a local attacker to execute code with elevated privileges.
CVE-2024-3640 2026-04-15 N/A
An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executable and run it as a System user. A threat actor needs admin privileges to exploit this vulnerability.
CVE-2021-47859 2 Actividentity, Hid Global 2 Activclient Cac, Actividentity 2026-04-15 7.8 High
ActivIdentity 8.2 contains an unquoted service path vulnerability in the ac.sharedstore service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\Common Files\ActivIdentity\ to inject malicious executables and escalate privileges.
CVE-2025-41727 1 Beckhoff 4 Beckhoff.device.manager.xar, Mdp Package, Twincat and 1 more 2026-04-15 7.8 High
A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access.
CVE-2025-48201 2026-04-15 8.6 High
The ns_backup extension through 13.0.0 for TYPO3 has a Predictable Resource Location.
CVE-2025-48202 2026-04-15 5.3 Medium
The femanager extension through 8.2.1 for TYPO3 allows Insecure Direct Object Reference.
CVE-2025-48205 1 Typo3 1 Sr Feuser Register Extension 2026-04-15 8.6 High
The sr_feuser_register extension through 12.4.8 for TYPO3 allows Insecure Direct Object Reference.
CVE-2025-48207 2026-04-15 8.6 High
The reint_downloadmanager extension through 5.0.0 for TYPO3 allows Insecure Direct Object Reference.
CVE-2021-47878 1 Luidia 1 Ebeam Education Suite 2026-04-15 7.8 High
eBeam Education Suite 2.5.0.9 contains an unquoted service path vulnerability in the eBeam Device Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem privileges during service startup.
CVE-2024-23312 1 Intel Binary Configuration Tool Software For Windows 1 Intel Binary Configuration Tool Software For Windows 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2021-47874 1 Vfsforgit 1 Vfs For Git 2026-04-15 7.8 High
VFS for Git 1.0.21014.1 contains an unquoted service path vulnerability in the GVFS.Service Windows service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem privileges during service startup or system reboot.
CVE-2025-52920 2026-04-15 6.4 Medium
Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR) at multiple places within the frontend shop. Anyone can create a customer account and easily exploit these. Successful exploitation results in disclosure of the PII of other customers and the deletion of their reviews of products on the website. To be specific, an attacker could view the order details of any order by browsing to /en/account/orders/_ORDER_ID_ or use the address and billing information of other customers by manipulating the shipping_address_id and billing_address_id parameters when making an order (this information is then reflected in the receipt). Additionally, an attacker could delete the reviews of other users by sending a DELETE request to /en/account/reviews/_REVIEW_ID.
CVE-2025-52921 2026-04-15 9.9 Critical
In Innoshop through 0.4.1, an authenticated attacker could exploit the File Manager functions in the admin panel to achieve code execution on the server, by uploading a crafted file and then renaming it to have a .php extension by using the Rename Function. This bypasses the initial check that uploaded files are image files. The application relies on frontend checks to restrict the administrator from changing the extension of uploaded files to .php. This restriction is easily bypassed with any proxy tool (e.g., BurpSuite). Once the attacker renames the file, and gives it the .php extension, a GET request can be used to trigger the execution of code on the server.
CVE-2025-52968 1 Freedesktop 1 Xdg-utils 2026-04-15 2.7 Low
xdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. (For example, xdg-open could be modified to, by default, associate x-scheme-handler/https with the execution of a browser with command-line options that arrange for an empty cookie store, although this would add substantial complexity, and would not be considered a desirable or expected behavior by all users.) NOTE: this is disputed because integrations of xdg-open typically do not provide information about whether the xdg-open command and arguments were manually entered by a user, or whether they were the result of a navigation from content in an untrusted origin.
CVE-2025-53073 1 Sentry 1 Sentry 2026-04-15 4.2 Medium
In Sentry 25.1.0 through 25.5.1, an authenticated attacker can access a project's issue endpoint and perform unauthorized actions (such as adding a comment) without being a member of the project's team. A seven-digit issue ID must be known (it is not treated as a secret and might be mentioned publicly, or it could be predicted).