CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36814
https://notcve.org/view.php?id=CVE-2024-36814
08 Oct 2024 — An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file into a readable directory. • https://github.com/AdguardTeam/AdGuardHome • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41173
https://notcve.org/view.php?id=CVE-2023-41173
25 Aug 2023 — AdGuard DNS before 2.2 allows remote attackers to cause a denial of service via malformed UDP packets. • https://adguard-dns.io/en/versions.html#2.2 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-45770
https://notcve.org/view.php?id=CVE-2022-45770
26 Jan 2023 — Improper input validation in adgnetworkwfpdrv.sys in Adguard For Windows x86 through 7.11 allows local privilege escalation. • https://github.com/Marsel-marsel/CVE-2022-45770 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-27935
https://notcve.org/view.php?id=CVE-2021-27935
03 Mar 2021 — An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the hash of the password is stored in the cookie. Se detectó un problema en AdGuard anterior a la versión 0.105.2. Un atacante capaz de obtener la cookie del usuario puede forzar su contraseña fuera de línea, porque el hash de la contraseña es almacenado en la cookie • https://github.com/AdguardTeam/AdGuardHome/issues/2470 • CWE-522: Insufficiently Protected Credentials •