Vulnerabilities > Escanav

DATE CVE VULNERABILITY TITLE RISK
2023-05-17 CVE-2023-31703 Cross-site Scripting vulnerability in Escanav Escan Management Console 14.0.1400.2281
Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter.
network
low complexity
escanav CWE-79
critical
9.0
2022-04-01 CVE-2021-26624 Improper Input Validation vulnerability in Escanav Escan Anti-Virus
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus.
network
low complexity
escanav CWE-20
critical
10.0
2018-12-20 CVE-2018-18388 Unspecified vulnerability in Escanav Escan Anti-Virus 14.0
eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local attackers to execute arbitrary commands by sending a carefully crafted payload to TCP port 2222.
network
low complexity
escanav
7.5
2018-07-13 CVE-2018-10098 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Escanav Escan Internet Security Suite 14.0.1400.2029
In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD).
local
low complexity
escanav CWE-119
4.9
2018-01-25 CVE-2018-6203 Improper Input Validation vulnerability in Escanav Anti-Virus 14.0.1400.2029
In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300210C.
local
low complexity
escanav CWE-20
6.1
2018-01-25 CVE-2018-6202 Improper Input Validation vulnerability in Escanav Anti-Virus 14.0.1400.2029
In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020F8.
local
low complexity
escanav CWE-20
6.1
2018-01-25 CVE-2018-6201 Improper Input Validation vulnerability in Escanav Anti-Virus 14.0.1400.2029
In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020E0 or 0x830020E4.
local
low complexity
escanav CWE-20
6.1