Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
internet security vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2017-17429
In K7 Antivirus Premium prior to 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL.
K7computing Total Security
K7computing Antivirus
K7computing Internet Security
K7computing Ultimate Security
K7computing Endpoint
5
CVSSv2
CVE-2002-1695
Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote malicious users to modify the log file contents while Norton Internet Security is running.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
Symantec Norton Internet Security 2001
7.2
CVSSv2
CVE-2005-1107
McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files.
Mcafee Internet Security Suite 2005
7.2
CVSSv2
CVE-2007-5047
Norton Internet Security 2008 15.0.0.60 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the NtOpenSection kernel SSDT hook. NO...
Symantec Norton Internet Security 2008 15.0.0.60
7.2
CVSSv2
CVE-2014-9632
The TDI driver (avgtdix.sys) in AVG Internet Security prior to 2013.3495 Hot Fix 18 and 2015.x prior to 2015.5315 and Protection prior to 2015.5315 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x830020f8 IOCTL call.
Avg Protection
Avg Internet Security
1 EDB exploit
7.5
CVSSv2
CVE-2004-0364
The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote malicious users to execute arbitrary programs via the LaunchURL method.
Symantec Norton Internet Security 2004
5.4
CVSSv2
CVE-2014-5654
The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Kaspersky Kaspersky Internet Security 11.4.4.232
7.2
CVSSv2
CVE-2013-3947
Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call.
Ahnlab V3 Internet Security 8.0.7.5
2.1
CVSSv2
CVE-2010-5075
Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.
Avast\\! Avast\\! Internet Security 5.0
1 EDB exploit
7.2
CVSSv2
CVE-2019-19197
IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an malicious user to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402401 using METHOD_NEITHER results in a read primitive.
Kyrolsecuritylabs Kyrol Internet Security 9.0.6.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »