CVSS: 8.6EPSS: 0%CPEs: 24EXPL: 0CVE-2022-26122
https://notcve.org/view.php?id=CVE-2022-26122
02 Nov 2022 — An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64. Una verificación insuficiente de la vulnerabilidad de autenticidad de datos [CWE-345] en los motores FortiClient, FortiMail y FortiOS AV versión 6.2.168 e inferiores y la versión 6.4.274 e inferiores puede permitir... • https://fortiguard.com/psirt/FG-IR-22-074 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9698
https://notcve.org/view.php?id=CVE-2019-9698
08 May 2019 — Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbitrary file deletion issue, which is a type of vulnerability that could allow an attacker to delete files on the resident system without elevated privileges. El motor AV de Symantec, versiones anteriores a 13.0.9r17, puede ser susceptible a un problema de eliminación arbitraria de archivos, que es un tipo de vulnerabilidad que podría permitir a un atacante eliminar archivos en el sistema residente sin privilegios elevados. • https://support.symantec.com/en_US/article.SYMSA1481.html •
CVSS: 9.0EPSS: 2%CPEs: 1EXPL: 0CVE-2019-8285
https://notcve.org/view.php?id=CVE-2019-8285
08 May 2019 — Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a heap-based buffer overflow vulnerability that potentially allow arbitrary code execution La versión de Kaspersky Lab Antivirus Engine anterior al 04.apr.2019 tiene una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) que podría permitir la ejecución arbitraria de código. • http://www.securityfocus.com/bid/108284 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 2CVE-2005-0643 – LHA 1.x - Remote Buffer Overflow / Directory Traversal
https://notcve.org/view.php?id=CVE-2005-0643
20 Mar 2005 — Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA files. • https://www.exploit-db.com/exploits/24067 •
CVSS: 9.8EPSS: 15%CPEs: 1EXPL: 1CVE-2005-0644
https://notcve.org/view.php?id=CVE-2005-0644
20 Mar 2005 — Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4436 allows remote attackers to execute arbitrary code via a malformed LHA file with a type 2 header file name field, a variant of CVE-2005-0643. • http://images.mcafee.com/misc/McAfee_Security_Bulletin_05-march-17.pdf •
CVSS: 7.5EPSS: 20%CPEs: 47EXPL: 2CVE-2004-1096 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-1096
01 Dec 2004 — Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. El módulo Perl Archive::Zip anterior a 1.14, cuando se usa en programas antivirus como amavisd-new, permite a atacantes remotos saltarse la protección del antivirus mediante un ficheros comprimido con cabeceras glob... • https://www.exploit-db.com/exploits/629 •
CVSS: 7.5EPSS: 43%CPEs: 48EXPL: 2CVE-2004-0932 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-0932
19 Nov 2004 — McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 •
CVSS: 7.5EPSS: 30%CPEs: 48EXPL: 2CVE-2004-0933 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-0933
19 Nov 2004 — Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 •
CVSS: 7.5EPSS: 14%CPEs: 48EXPL: 2CVE-2004-0934 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-0934
19 Nov 2004 — Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 •
CVSS: 7.5EPSS: 13%CPEs: 48EXPL: 2CVE-2004-0935 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-0935
19 Nov 2004 — Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 •