CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-28130
https://notcve.org/view.php?id=CVE-2021-28130
24 Sep 2021 — Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary (e.g., frwl_svc.exe) bypasses firewall filters. Dr.Web Firewall versión 12.5.2.4160, en Windows restringe incorrectamente las aplicaciones firmadas por Dr.Web. Una DLL para una carga útil personalizada dentro de un binario legítimo (por ejemplo, frwl_svc.exe) omite los filtros del firewall. • https://habr.com/ru/company/pm/blog/579328 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 3CVE-2020-23967
https://notcve.org/view.php?id=CVE-2020-23967
08 Mar 2021 — Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate. Dr.Web Security Space versiones 11 y 12, permiten una elevación de privilegios para usuarios locales sin privilegios administrativos a NT AUTHORITY\SYSTEM debido a un control insuficiente durante la actualización automática • https://amonitoring.ru/article/drweb • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2010-5159
https://notcve.org/view.php?id=CVE-2010-5159
25 Aug 2012 — Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has a... • http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2012-1447
https://notcve.org/view.php?id=CVE-2012-1447
21 Mar 2012 — The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified e_version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations. El analizador de archivos ELF en Fortinet Antivirus v4.2.254.0, eSafe v7.0.17.0, Dr.Web v5.0.2.03300, y Panda Antiviru... • http://osvdb.org/80432 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 81%CPEs: 14EXPL: 0CVE-2012-1453
https://notcve.org/view.php?id=CVE-2012-1453
21 Mar 2012 — The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antiv... • http://osvdb.org/80482 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2012-1454
https://notcve.org/view.php?id=CVE-2012-1454
21 Mar 2012 — The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified ei_version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations. El analizador de archivos ELF en Dr.Web v5... • http://osvdb.org/80432 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-5526
https://notcve.org/view.php?id=CVE-2008-5526
12 Dec 2008 — DrWeb Anti-virus 4.44.0.09170, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. DrWeb Anti-virus v4.44.0.09170, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detección de malware en un do... • http://securityreason.com/securityalert/4723 • CWE-20: Improper Input Validation •