Spy Sweeper CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2006-6960	1 Webroot Software	1 Spy Sweeper	2025-04-09	N/A
The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier does not handle non-ZIP archives, which allows remote attackers to bypass the malware detection via files with (1) RAR, (2) GZ, (3) TAR, (4) CAB, or (5) ACE compression.
CVE-2006-6961	1 Webroot Software	1 Spy Sweeper	2025-04-09	N/A
WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file's name.
CVE-2006-6959	1 Webroot Software	1 Spy Sweeper	2025-04-09	N/A
WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the "Startup-Shield" security restrictions by modifying certain registry keys.
CVE-2004-2676	1 Webroot Software	1 Spy Sweeper Enterprise	2025-04-03	N/A
The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges.

Page 1 of 1.