Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eset vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-17549
ESET Cyber Security prior to 6.8.1.0 is vulnerable to a denial-of-service allowing any user to stop (kill) ESET processes. An attacker can abuse this bug to stop the protection from ESET and launch his attack.
Eset Cyber Security
2 Github repositories
5.9
CVSSv3
CVE-2016-9892
The esets_daemon service in ESET Endpoint Antivirus for macOS prior to 6.4.168.0 and Endpoint Security for macOS prior to 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle malicious users to spoof this server an...
Eset Endpoint Security 6.3.70.1
Eset Endpoint Antivirus 6.3.70.1
5.5
CVSSv3
CVE-2023-7043
Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.
Eset Mail Security 10.1.10012.0
Eset Smart Security Premium
Eset Internet Security
Eset Nod32 Antivirus
Eset Endpoint Antivirus
Eset Endpoint Security
5.5
CVSSv3
CVE-2021-37850
ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the ESET security product until a system reboot.
Eset Cyber Security
Eset Endpoint Antivirus
Eset Endpoint Security
5.5
CVSSv3
CVE-2020-26941
A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place durin...
Eset Endpoint Antivirus
Eset Endpoint Security
Eset File Security
Eset Internet Security
Eset Internet Security 1294
Eset Mail Security
Eset Nod32 Antivirus
Eset Security
Eset Smart Security
5.5
CVSSv3
CVE-2020-9264
ESET Archive Support Module prior to 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions prior to 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (mac...
Eset Cyber Security
Eset Internet Security
Eset Mobile Security
Eset Nod32 Antivirus 4
Eset Nod32 Antivirus
Eset Smart Security
Eset Smart Tv Security
NA
CVE-2024-0353
Local privilege escalation vulnerability potentially allowed an malicious user to misuse ESET’s file operations to delete files without having proper permission.
NA
CVE-2014-4974
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 up to and including 7.0, allows local users to obtain sensitive information from kernel memory via crafted IO...
Eset Personal Firewall Ndis Filter
NA
CVE-2014-4973
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and previous versions in ESET Smart Security and ESET Endpoint Security products 5.0 up to and including 7.0 allows local users to gain privileges via a crafted argument to a...
Eset Smart Security 5.0.95
Eset Smart Security 6.0.314
Eset Smart Security 5.2.9
Eset Smart Security 5.2.15
Eset Smart Security 6.0.306
Eset Smart Security 6.0.308
Eset Smart Security 5.0.94
Eset Smart Security 6.0.316
Eset Endpoint Security 5.0.2122
Eset Endpoint Security 5.0.2126
Eset Endpoint Security 5.0.2214
Eset Endpoint Security 5.0.2225
Eset Endpoint Security 5.0.2113
Eset Endpoint Security 5.0.2228
NA
CVE-2010-5160
Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes...
Eset Smart Security 4.2.35.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »