NotCVE - vendor:"Trendmicro" product:"Internet Security" version:"

54 results (0.015 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-6510 – Local privilege escalation vulnerability in AVG Internet Security

https://notcve.org/view.php?id=CVE-2024-6510

12 Sep 2024 — Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking. • https://www.cirosec.de/sa/sa-2023-008 • CWE-427: Uncontrolled Search Path Element CWE-732: Incorrect Permission Assignment for Critical Resource CWE-749: Exposed Dangerous Method or Function •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1

CVE-2024-23940

https://notcve.org/view.php?id=CVE-2024-23940

29 Jan 2024 — Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system. Trend Micro uiAirSupport, incluido en la familia de productos de consumo Trend Micro Security 2023, versión 6.0.2092 y anteriores, es vulnerable a una vulnerabilida... • https://helpcenter.trendmicro.com/en-us/article/tmka-12134 • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2022-0357 – Improper Quoting Path Issue in Bitdefender Total Security

https://notcve.org/view.php?id=CVE-2022-0357

24 May 2023 — Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdef... • https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security • CWE-428: Unquoted Search Path or Element •

CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2022-27534

https://notcve.org/view.php?id=CVE-2022-27534

01 Apr 2022 — Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies). Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases lanzados antes del 12 de marzo de 2022, tenían un error en un módulo de análisis de datos que potencialme... • https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_2 •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2021-27223

https://notcve.org/view.php?id=CVE-2021-27223

01 Apr 2022 — A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: (Straghkov Denis, Kurmangaleev Shamil, Fedotov Andrey, Kuts Daniil, Mishechkin Maxim, Akolzin Vitaliy) @ ISPRAS Se presentaba un problema de denegación de servicio en uno de los módulos incorporados en los productos Kaspersky Anti-V... • https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_1 •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-4199 – Incorrect Permission Assignment for Critical Resource vulnerability in BDReinit.exe (VA-10017)

https://notcve.org/view.php?id=CVE-2021-4199

07 Mar 2022 — Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Endpoint Security ... • https://www.bitdefender.com/support/security-advisories/incorrect-permission-assignment-for-critical-resource-vulnerability-in-bdreinit-exe-va-10017 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-4198 – messaging_ipc.dll NULL Pointer Dereference in multiple Bitdefender products (VA-10016)

https://notcve.org/view.php?id=CVE-2021-4198

07 Mar 2022 — A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools version... • https://www.bitdefender.com/support/security-advisories/messaging_ipc-dll-null-pointer-dereference-in-multiple-bitdefender-products-va-10016 • CWE-476: NULL Pointer Dereference •

CVSS: 8.2EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-8107 – Process Control vulnerability in Bitdefender Antivirus Plus

https://notcve.org/view.php?id=CVE-2020-8107

18 Feb 2022 — A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136. Una vulnerabilidad de Control de Procesos en ProductAgentUI.exe usado en Bitdefender Antivirus Plus permite a un atacante manipular la con... • https://www.bitdefender.com/support/security-advisories/process-control-vulnerability-bitdefender-antivirus-plus-va-8709 • CWE-114: Process Control •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-43772

https://notcve.org/view.php?id=CVE-2021-43772

03 Dec 2021 — Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection. Trend Micro Security 2021 versión v17.0 (Consumer), contiene una vulnerabilidad que permite modificar los archivos dentro de la carpeta protegida sin ninguna detección • https://helpcenter.trendmicro.com/en-us/article/tmka-10855 • CWE-552: Files or Directories Accessible to External Parties •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-15732

https://notcve.org/view.php?id=CVE-2020-15732

22 Jun 2021 — Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HSTS) checks. This issue affects: Bitdefender Total Security versions prior to 25.0.7.29. Bitdefender Internet Security versions prior to 25.0.7.29. Bitdefender Antivirus Plus versions prior to 25.0.7.29. Una vulnerabilidad de Comprobación Inapropiada de Certificados en el módulo Online Threat Prevention tal y como... • https://www.bitdefender.com/support/security-advisories/improper-certificate-validation-bitdefender-total-security-va-8957 • CWE-295: Improper Certificate Validation •

1 2 3 4 5