Vulnerabilities > Webroot

DATE CVE VULNERABILITY TITLE RISK
2024-10-03 CVE-2024-7824 Type Confusion vulnerability in Webroot Secureanywhere web Shield
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrUrl.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3.
network
low complexity
webroot CWE-843
critical
9.8
2024-10-03 CVE-2024-7825 Type Confusion vulnerability in Webroot Secureanywhere web Shield
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrUrl.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3.
network
low complexity
webroot CWE-843
critical
9.8
2024-10-03 CVE-2024-7826 Improper Check for Unusual or Exceptional Conditions vulnerability in Webroot Secureanywhere web Shield
Improper Check for Unusual or Exceptional Conditions vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrURL.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3.
network
low complexity
webroot CWE-754
critical
9.8
2023-05-12 CVE-2023-29818 Unspecified vulnerability in Webroot Secureanywhere
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via the default allowlist feature being stored as non-admin.
local
low complexity
webroot
5.5
2023-05-12 CVE-2023-29819 Improper Privilege Management vulnerability in Webroot Secureanywhere
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via a crafted payload.
local
low complexity
webroot CWE-269
5.5
2023-05-12 CVE-2023-29820 Exposure of Resource to Wrong Sphere vulnerability in Webroot Secureanywhere
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to access sensitive information via the EXE installer.
local
low complexity
webroot CWE-668
5.5
2022-04-14 CVE-2021-40424 Out-of-bounds Read vulnerability in Webroot Secureanywhere 21.4
An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4.
local
low complexity
webroot CWE-125
6.5
2022-04-14 CVE-2021-40425 Out-of-bounds Read vulnerability in Webroot Secureanywhere 21.4
An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4.
local
low complexity
webroot CWE-125
6.5
2020-06-15 CVE-2020-5755 Incorrect Permission Assignment for Critical Resource vulnerability in Webroot Endpoint Agents
Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming.
local
low complexity
webroot CWE-732
7.8
2020-06-15 CVE-2020-5754 Type Confusion vulnerability in Webroot Endpoint Agents
Webroot endpoint agents prior to version v9.0.28.48 allows remote attackers to trigger a type confusion vulnerability over its listening TCP port, resulting in crashing or reading memory contents of the Webroot endpoint agent.
network
low complexity
webroot CWE-843
critical
9.1