Eset Smart_security

18 CVEs affecting Eset Smart_security. Latest disclosed: 2024-07-16. Critical: 1, High: 9.

Top CVEs affecting Eset Smart_security
CVESeverityScorePublishedSummary
CVE-2020-10180Critical9.82020-03-05The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Pr…
CVE-2024-0353High7.82024-02-15Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission.
CVE-2023-3160High7.82023-08-14 The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permi…
CVE-2021-37852High7.82022-02-09ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the contex…
CVE-2020-11446High7.82020-04-29ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then…
CVE-2018-0649High7.82018-09-07Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs (ESET Smart Security Premium, ESET Internet Securit…
CVE-2023-5594High7.52023-12-21Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algor…
CVE-2020-10193High7.52020-03-06ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294…
CVE-2021-37851High7.32022-05-11Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious co…
CVE-2022-27167High7.12022-05-10Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbi…
CVE-2024-3779Medium6.12024-07-16Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoper…
CVE-2020-26941Medium5.52021-01-26A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlin…
CVE-2020-9264Medium5.52020-02-18ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions befor…
CVE-2010-5160Medium4.52012-08-25Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would othe…
CVE-2014-49732014-09-23The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint…
CVE-2008-71072009-08-28easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service (crash) via a crafted IOCTL 0x222003 request to the \\.\easdrv devi…
CVE-2008-57242008-12-26The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a crafte…
CVE-2008-55272008-12-12ESET Smart Security, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header…