Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opswat metadefender vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2022-32273
As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) prior to 5.1.2 could allow an authenticated user to enumerate filenames on the server.
Opswat Metadefender
7.5
CVSSv2
CVE-2022-32272
OPSWAT MetaDefender Core prior to 5.1.2, MetaDefender ICAP prior to 4.12.1, and MetaDefender Email Gateway Security prior to 5.6.1 have incorrect access control, resulting in privilege escalation.
Opswat Metadefender
NA
CVE-2022-40778
A stored Cross-Site Scripting (XSS) vulnerability in OPSWAT MetaDefender ICAP Server prior to 4.13.0 allows malicious users to execute arbitrary JavaScript or HTML because of the blocked page response.
Opswat Metadefender
6.8
CVSSv2
CVE-2018-16275
OPSWAT MetaDefender before v4.11.2 allows CSV injection.
Opswat Metadefender
NA
CVE-2023-36658
An issue exists in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally.
Opswat Media Validation Agent
Opswat Metadefender Kiosk
NA
CVE-2023-36657
An issue exists in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in features of Windows (desktop shortcuts, narrator) can be abused for privilege escalation.
Opswat Metadefender Kiosk
NA
CVE-2023-36659
An issue exists in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote malicious users to cause a denial of service (loss of communication).
Opswat Metadefender Kiosk
NA
CVE-2023-25364
Opswat Metadefender Core prior to 5.2.1 does not properly defend against potential HTML injection and XSS attacks.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started