Vulnerabilities > Webroot
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-12 | CVE-2023-29818 | Unspecified vulnerability in Webroot Secureanywhere An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via the default allowlist feature being stored as non-admin. | 5.5 |
| 2023-05-12 | CVE-2023-29819 | Improper Privilege Management vulnerability in Webroot Secureanywhere An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via a crafted payload. | 5.5 |
| 2023-05-12 | CVE-2023-29820 | Exposure of Resource to Wrong Sphere vulnerability in Webroot Secureanywhere An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to access sensitive information via the EXE installer. | 5.5 |
| 2022-04-14 | CVE-2021-40424 | Out-of-bounds Read vulnerability in Webroot Secureanywhere 21.4 An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. | 4.9 |
| 2022-04-14 | CVE-2021-40425 | Out-of-bounds Read vulnerability in Webroot Secureanywhere 21.4 An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. | 4.9 |
| 2020-06-15 | CVE-2020-5755 | Improper Privilege Management vulnerability in Webroot Endpoint Agents Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. | 6.9 |
| 2020-06-15 | CVE-2020-5754 | Type Confusion vulnerability in Webroot Endpoint Agents Webroot endpoint agents prior to version v9.0.28.48 allows remote attackers to trigger a type confusion vulnerability over its listening TCP port, resulting in crashing or reading memory contents of the Webroot endpoint agent. | 6.4 |
| 2019-01-03 | CVE-2018-4012 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webroot Brightcloud An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. | 9.3 |
| 2018-12-18 | CVE-2018-4015 | Improper Certificate Validation vulnerability in Webroot Brightcloud An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. | 6.8 |
| 2018-09-12 | CVE-2018-16962 | Write-what-where Condition vulnerability in Webroot Secureanywhere Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to the driver by a process that lacks root privileges. | 7.2 |