Vulnerabilities > Acer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2022-24285 | Improper Authentication vulnerability in Acer Care Center 4.00.3000/4.00.3038 Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability. | 7.2 |
| 2022-03-10 | CVE-2022-24286 | Improper Authentication vulnerability in Acer Quickaccess Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local privilege escalation vulnerability. | 7.2 |
| 2022-01-26 | CVE-2021-45975 | Untrusted Search Path vulnerability in Acer Care Center In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack. | 6.9 |
| 2019-12-17 | CVE-2019-18670 | Untrusted Search Path vulnerability in Acer Quick Access In the Quick Access Service (QAAdminAgent.exe) in Acer Quick Access V2.01.3000 through 2.01.3027 and V3.00.3000 through V3.00.3008, a REGULAR user can load an arbitrary unsigned DLL into the signed service's process, which is running as NT AUTHORITY\SYSTEM. | 6.9 |
| 2017-10-16 | CVE-2017-15361 | Unspecified vulnerability in Infineon RSA Library and Trusted Platform Firmware The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. | 4.3 |
| 2017-06-08 | CVE-2016-5648 | Improper Certificate Validation vulnerability in Acer Portal 3.9.3.2006 Acer Portal app before 3.9.4.2000 for Android does not properly validate SSL certificates, which allows remote attackers to perform a Man-in-the-middle attack via a crafted SSL certificate. | 4.3 |
| 2012-08-22 | CVE-2012-2864 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome OS Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an "array overflow." | 10.0 |
| 2012-06-07 | CVE-2012-3290 | Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132.22 on the Acer AC700; Samsung Series 5, 5 550, and Chromebox 3; and Cr-48 Chromebook platforms have unknown impact and attack vectors. | 10.0 |
| 2012-02-29 | CVE-2012-1418 | Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | 10.0 |
| 2012-01-12 | CVE-2012-0695 | Remote Security vulnerability in Chrome Os Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | 10.0 |