Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38408 | 2 Fedoraproject, Openbsd | 2 Fedora, Openssh | 2023-12-22 | N/A | 9.8 CRITICAL |
| The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009. | |||||
| CVE-2019-17658 | 1 Fortinet | 1 Forticlient | 2021-04-29 | 7.5 HIGH | 9.8 CRITICAL |
| An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to gain elevated privileges via the FortiClientConsole executable service path. | |||||
| CVE-2020-9292 | 1 Fortinet | 1 Fortisiem Windows Agent | 2020-06-09 | 7.5 HIGH | 9.8 CRITICAL |
| An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path. | |||||
| CVE-2019-8459 | 1 Checkpoint | 6 Capsule Docs Standalone Client, Endpoint Security Clients, Endpoint Security Server Package and 3 more | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one. | |||||