Filtered by vendor Eset
Subscriptions
Filtered by product Nod32 Antivirus
Subscriptions
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-26941 | 1 Eset | 8 Endpoint Antivirus, Endpoint Security, File Security and 5 more | 2024-08-04 | 5.5 Medium |
| A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation phase of ESET products. Furthermore, exploitation can only succeed when Self-Defense is disabled. Affected products are: ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security, ESET Smart Security Premium versions 13.2 and lower; ESET Endpoint Antivirus, ESET Endpoint Security, ESET NOD32 Antivirus Business Edition, ESET Smart Security Business Edition versions 7.3 and lower; ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Kerio, ESET Security for Microsoft SharePoint Server versions 7.2 and lower. | ||||
| CVE-2020-11446 | 1 Eset | 8 Antivirus And Antispyware, Endpoint Antivirus, Endpoint Security and 5 more | 2024-08-04 | 7.8 High |
| ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links into files that would normally not be write-able by the user, thus achieving privilege escalation. | ||||
| CVE-2020-10193 | 1 Eset | 6 Cyber Security, Internet Security, Mobile Security and 3 more | 2024-08-04 | 7.5 High |
| ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop. | ||||
| CVE-2020-10180 | 1 Eset | 5 Cyber Security, Mobile Security, Nod32 Antivirus and 2 more | 2024-08-04 | 9.8 Critical |
| The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop. | ||||
| CVE-2020-9264 | 1 Eset | 6 Cyber Security, Internet Security, Mobile Security and 3 more | 2024-08-04 | 5.5 Medium |
| ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop. | ||||
| CVE-2023-5594 | 1 Eset | 9 Endpoint Antivirus, Endpoint Security, File Security and 6 more | 2024-08-02 | 7.5 High |
| Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted. | ||||