Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anti-virus vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2019-18644
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug; consequently, symbolic link attacks allow privileged files to be deleted.
Totaldefense Anti-virus 11.5.2.28
5.5
CVSSv3
CVE-2019-18645
The quarantine restoration function in Total Defense Anti-virus 11.5.2.28 is vulnerable to symbolic link attacks, allowing files to be written to privileged directories.
Totaldefense Anti-virus 11.5.2.28
NA
CVE-2008-5541
Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allows remote malicious users to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt e...
Sophos Anti-virus 4.33.0
7.8
CVSSv3
CVE-2022-38611
Incorrect access control in Watchdog Anti-Virus v1.4.158 allows malicious users to perform a DLL hijacking attack and execute arbitrary code via a crafted binary.
Watchdog Anti-virus 1.4.158
7.8
CVSSv3
CVE-2019-13357
In Total Defense Anti-virus 9.0.0.773, resource acquisition from the untrusted search path C:\ used by caschelp.exe allows local malicious users to hijack ccGUIFrm.dll, which leads to code execution. SYSTEM-level code execution can be achieved when the ccSchedulerSVC service runs...
Totaldefense Anti-virus 9.0.0.773
NA
CVE-2008-0318
Integer overflow in the cli_scanpe function in libclamav in ClamAV prior to 0.92.1, as used in clamd, allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
Clam Anti-virus Clamav
6.1
CVSSv3
CVE-2019-18654
A Cross Site Scripting (XSS) issue exists in AVG AntiVirus (Internet Security Edition) 19.3.3084 build 19.3.4241.440 in the Network Notification Popup, allowing an malicious user to execute JavaScript code via an SSID Name.
Avg Anti-virus 19.3.3084
NA
CVE-2008-1737
Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argume...
Sophos Anti-virus 7.0.5
5.5
CVSSv3
CVE-2023-1446
A vulnerability classified as problematic was found in Watchdog Anti-Virus 1.4.214.0. Affected by this vulnerability is the function 0x80002004/0x80002008 in the library wsdk-driver.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack...
Watchdog Anti-virus 1.4.214.0
7.8
CVSSv3
CVE-2019-13355
In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\ used by ccschedulersvc.exe allows local malicious users to hijack dotnetproxy.exe, which leads to privilege escalation when the ccSchedulerSVC service runs ...
Totaldefense Anti-virus 9.0.0.773
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »