Vulnerabilities > Webroot > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-12 | CVE-2023-29818 | Unspecified vulnerability in Webroot Secureanywhere An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via the default allowlist feature being stored as non-admin. | 5.5 |
| 2023-05-12 | CVE-2023-29819 | Improper Privilege Management vulnerability in Webroot Secureanywhere An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via a crafted payload. | 5.5 |
| 2023-05-12 | CVE-2023-29820 | Exposure of Resource to Wrong Sphere vulnerability in Webroot Secureanywhere An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to access sensitive information via the EXE installer. | 5.5 |
| 2022-04-14 | CVE-2021-40424 | Out-of-bounds Read vulnerability in Webroot Secureanywhere 21.4 An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. | 4.9 |
| 2022-04-14 | CVE-2021-40425 | Out-of-bounds Read vulnerability in Webroot Secureanywhere 21.4 An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. | 4.9 |
| 2020-06-15 | CVE-2020-5755 | Improper Privilege Management vulnerability in Webroot Endpoint Agents Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. | 6.9 |
| 2020-06-15 | CVE-2020-5754 | Type Confusion vulnerability in Webroot Endpoint Agents Webroot endpoint agents prior to version v9.0.28.48 allows remote attackers to trigger a type confusion vulnerability over its listening TCP port, resulting in crashing or reading memory contents of the Webroot endpoint agent. | 6.4 |
| 2018-12-18 | CVE-2018-4015 | Improper Certificate Validation vulnerability in Webroot Brightcloud An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. | 6.8 |
| 2014-09-09 | CVE-2014-5741 | Cryptographic Issues vulnerability in Webroot Security - Complete 3.6.0.6610 The Security - Complete (aka com.webroot.security.complete) application 3.6.0.6610 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
| 2014-09-09 | CVE-2014-5740 | Cryptographic Issues vulnerability in Webroot Security - Free 3.6.0.6610 The Security - Free (aka com.webroot.security) application 3.6.0.6610 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |