Brightcloud Security Vulnerabilities and Issues — Brightcloud CVE List

cve

CVE-2018-4012

An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bc_http_read_header incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightCloud serv...

9CVSS

8.4AI Score

0.003EPSS

2019-01-03 11:00 PM

24

cve

CVE-2018-4015

An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightCloud server t...

8.1CVSS

7.9AI Score

0.002EPSS

2018-12-18 02:29 PM

34

cve

CVE-2021-40424

An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. A specially-crafted executable can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. An out-of-bounds read vulnerability exists in the IOCTL Get...

6.5CVSS

6.2AI Score

0.0004EPSS

2022-04-14 08:15 PM

27

cve

CVE-2021-40425

An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. A specially-crafted executable can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. An out-of-bounds read vulnerability exists in the IOCTL Get...

6.5CVSS

6.2AI Score

0.0004EPSS

2022-04-14 08:15 PM

39