Lucene search

K

Internet Security Security Vulnerabilities

cve
cve

CVE-2023-6154

A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution. This...

7.8CVSS

6.9AI Score

0.0004EPSS

2024-04-01 11:15 AM
29
cve
cve

CVE-2024-0353

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper...

7.8CVSS

7.7AI Score

0.001EPSS

2024-02-15 08:15 AM
19
cve
cve

CVE-2023-28807

In Zscaler Internet Access (ZIA) a mismatch between Connect Host and Client Hello's Server Name Indication (SNI) enables attackers to evade network security controls by hiding their communications within legitimate...

7.5CVSS

7.5AI Score

0.0005EPSS

2024-01-31 08:15 PM
9
cve
cve

CVE-2023-7043

Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT...

5.5CVSS

6.3AI Score

0.0004EPSS

2024-01-31 01:15 PM
13
cve
cve

CVE-2024-23940

Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and...

7.8CVSS

7.8AI Score

0.001EPSS

2024-01-29 07:15 PM
14
cve
cve

CVE-2023-5594

Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as...

8.6CVSS

8.5AI Score

0.0005EPSS

2023-12-21 12:15 PM
23
cve
cve

CVE-2023-3440

Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows allows File Manipulation.This issue affects JP1/Performance Management - Manager: from 09-00 before 12-50-07; JP1/Performance Management - Base: from 09-00 through 10-50-*; JP1/Performance Management -...

8.4CVSS

7.6AI Score

0.0004EPSS

2023-10-03 02:15 AM
42
cve
cve

CVE-2023-3160

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper...

7.8CVSS

7.5AI Score

0.0005EPSS

2023-08-14 10:15 AM
30
cve
cve

CVE-2023-28929

Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is...

7.8CVSS

7.6AI Score

0.001EPSS

2023-06-26 10:15 PM
8
cve
cve

CVE-2022-0357

Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to...

7.8CVSS

7.5AI Score

0.0004EPSS

2023-05-24 08:15 AM
25
cve
cve

CVE-2022-28887

Multiple Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl.dll unpacker handler function crashes. This can lead to a possible scanning engine...

7.5CVSS

7.4AI Score

0.001EPSS

2022-10-12 06:15 PM
29
2
cve
cve

CVE-2009-4804

Cross-site scripting (XSS) vulnerability in the Calendar Base (cal) extension before 1.1.1 for TYPO3, when Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via "search...

5.9AI Score

0.002EPSS

2022-10-03 04:24 PM
18
cve
cve

CVE-2009-5125

Comodo Internet Security before 3.9.95478.509 allows remote attackers to bypass malware detection in an RAR archive via an unspecified manipulation of the archive file...

6.9AI Score

0.002EPSS

2022-10-03 04:24 PM
26
cve
cve

CVE-2009-5123

The Antivirus component in Comodo Internet Security before 3.11.108364.552 allows remote attackers to cause a denial of service (memory consumption) via a crafted compressed...

6.7AI Score

0.001EPSS

2022-10-03 04:24 PM
19
cve
cve

CVE-2009-5124

The Antivirus component in Comodo Internet Security before 3.11.108364.552 allows remote attackers to cause a denial of service (application crash) via a crafted packed...

6.7AI Score

0.001EPSS

2022-10-03 04:24 PM
19
cve
cve

CVE-2009-5126

The Antivirus component in Comodo Internet Security before 3.8.65951.477 allows remote attackers to cause a denial of service (application crash) via a crafted...

6.7AI Score

0.001EPSS

2022-10-03 04:24 PM
18
cve
cve

CVE-2009-5127

The Antivirus component in Comodo Internet Security before 3.8.64739.471 allows remote attackers to cause a denial of service (application crash) via a crafted...

6.7AI Score

0.001EPSS

2022-10-03 04:24 PM
25
cve
cve

CVE-2017-8776

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the...

7.5CVSS

8.6AI Score

0.001EPSS

2022-10-03 04:23 PM
21
cve
cve

CVE-2017-8774

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O...

9.8CVSS

9.3AI Score

0.002EPSS

2022-10-03 04:23 PM
27
cve
cve

CVE-2017-8775

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O...

9.8CVSS

9.3AI Score

0.002EPSS

2022-10-03 04:23 PM
27
cve
cve

CVE-2017-8773

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This vulnerability can be...

9.8CVSS

9.8AI Score

0.004EPSS

2022-10-03 04:23 PM
22
cve
cve

CVE-2005-2274

Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing...

6.5AI Score

0.003EPSS

2022-10-03 04:22 PM
22
cve
cve

CVE-2005-1107

McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain...

6.6AI Score

0.0004EPSS

2022-10-03 04:22 PM
18
cve
cve

CVE-2006-1646

The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME Project racoon, as used by NetBSD 1.6, 2.x before 20060119, certain FreeBSD releases, and possibly other distributions of BSD or Linux operating systems, when running in aggressive mode, allows...

6.8AI Score

0.006EPSS

2022-10-03 04:21 PM
23
cve
cve

CVE-2010-4502

Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 allows local users to cause a denial of service (pool corruption) and execute arbitrary code via crafted arguments to the 0x88000080 IOCTL, which triggers a buffer...

7.9AI Score

0.001EPSS

2022-10-03 04:21 PM
21
cve
cve

CVE-2010-4183

Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) background-image, (2) background, or (3) font-family Cascading Style Sheets (CSS) property, a different....

5.4AI Score

0.003EPSS

2022-10-03 04:21 PM
21
cve
cve

CVE-2010-5156

Race condition in CA Internet Security Suite Plus 2010 6.0.0.272 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes....

6.9AI Score

0.0004EPSS

2022-10-03 04:21 PM
23
cve
cve

CVE-2010-5168

Race condition in Symantec Norton Internet Security 2010 17.5.0.127 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory...

6.9AI Score

0.0004EPSS

2022-10-03 04:21 PM
25
cve
cve

CVE-2010-5163

Race condition in Kaspersky Internet Security 2010 9.0.0.736 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes...

6.9AI Score

0.0004EPSS

2022-10-03 04:21 PM
33
cve
cve

CVE-2010-5179

Race condition in Trend Micro Internet Security Pro 2010 17.50.1647.0000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory....

6.9AI Score

0.0004EPSS

2022-10-03 04:21 PM
21
4
cve
cve

CVE-2010-5182

Race condition in VirusBuster Internet Security Suite 3.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during....

6.9AI Score

0.0004EPSS

2022-10-03 04:21 PM
25
cve
cve

CVE-2010-5185

The Antivirus component in Comodo Internet Security before 5.3.174622.1216 does not check whether X.509 certificates in signed executable files have been revoked, which has unknown impact and remote attack...

7AI Score

0.001EPSS

2022-10-03 04:21 PM
19
cve
cve

CVE-2010-5152

Race condition in AVG Internet Security 9.0.791 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

6.9AI Score

0.0004EPSS

2022-10-03 04:21 PM
18
cve
cve

CVE-2010-5157

Race condition in Comodo Internet Security before 4.1.149672.916 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes....

6.9AI Score

0.0004EPSS

2022-10-03 04:21 PM
18
cve
cve

CVE-2010-5161

Race condition in F-Secure Internet Security 2010 10.00 build 246 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory...

6.9AI Score

0.0004EPSS

2022-10-03 04:21 PM
25
cve
cve

CVE-2010-5151

Race condition in avast! Internet Security 5.0.462 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

6.9AI Score

0.0004EPSS

2022-10-03 04:21 PM
19
cve
cve

CVE-2010-5183

Race condition in Webroot Internet Security Essentials 6.1.0.145 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes....

6.9AI Score

0.0004EPSS

2022-10-03 04:21 PM
20
cve
cve

CVE-2010-5186

The Antivirus component in Comodo Internet Security before 4.1.150349.920 allows remote attackers to cause a denial of service (application crash) via a crafted...

6.7AI Score

0.001EPSS

2022-10-03 04:21 PM
18
cve
cve

CVE-2010-5172

Race condition in Panda Internet Security 2010 15.01.00 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

6.9AI Score

0.0004EPSS

2022-10-03 04:21 PM
16
cve
cve

CVE-2010-1425

F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for...

6.8AI Score

0.004EPSS

2022-10-03 04:20 PM
30
cve
cve

CVE-2014-8661

The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecified...

7.9AI Score

0.01EPSS

2022-10-03 04:20 PM
18
cve
cve

CVE-2003-1527

BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed...

7AI Score

0.002EPSS

2022-10-03 04:15 PM
20
cve
cve

CVE-2012-0321

Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted...

6.3AI Score

0.0004EPSS

2022-10-03 04:15 PM
18
cve
cve

CVE-2012-1434

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \19\04\00\10 character...

6.7AI Score

0.938EPSS

2022-10-03 04:15 PM
28
cve
cve

CVE-2012-1433

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \4a\46\49\46...

6.7AI Score

0.972EPSS

2022-10-03 04:15 PM
26
cve
cve

CVE-2012-1436

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \2D\6C\68...

6.7AI Score

0.972EPSS

2022-10-03 04:15 PM
26
cve
cve

CVE-2012-1435

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a...

6.7AI Score

0.972EPSS

2022-10-03 04:15 PM
29
cve
cve

CVE-2012-1545

Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest...

6.9AI Score

0.01EPSS

2022-10-03 04:15 PM
33
cve
cve

CVE-2011-0248

Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTL...

7.9AI Score

0.01EPSS

2022-10-03 04:15 PM
29
cve
cve

CVE-2011-2382

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as...

6.5AI Score

0.01EPSS

2022-10-03 04:15 PM
30
Total number of security vulnerabilities1925