Vulnerabilities > Drweb

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-24	CVE-2021-28130	Uncontrolled Search Path Element vulnerability in Drweb Security Space 12.5.2.4160 Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. local drweb CWE-427	4.4
2021-03-08	CVE-2020-23967	Improper Verification of Cryptographic Signature vulnerability in Drweb Security Space 11.0/12.0 Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate. local low complexity drweb CWE-347	7.2
2012-03-21	CVE-2012-1454	Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified ei_version field. network aladdin drweb fortinet mcafee pandasecurity rising-global CWE-264	4.3
2012-03-21	CVE-2012-1453	Permissions, Privileges, and Access Controls vulnerability in multiple products The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. network antiy ca drweb emsisoft fortinet ikarus kaspersky mcafee microsoft pandasecurity rising-global sophos trendmicro CWE-264	4.3
2012-03-21	CVE-2012-1447	Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified e_version field. network aladdin drweb fortinet pandasecurity CWE-264	4.3
2008-12-12	CVE-2008-5526	Improper Input Validation vulnerability in Drweb Anti-Virus 4.44.0.09170 DrWeb Anti-virus 4.44.0.09170, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. network drweb microsoft CWE-20 critical	9.3

Vulnerabilities > Drweb {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Drweb"}]}

Vulnerabilities > Drweb