Escanav

escanav

28 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Escan Anti Virus

escan_anti-virus

14 CVEs

Escan Management Console

escan_management_console

Escan Internet Security Suite

escan_internet_security_suite

1 CVE

CVEs (28)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-1370 1Escanav 1Escan Anti Virus Jun 27, 2025 Feb 17, 2025 4.8 MEDIUM· v4 5.3 MEDIUM· v3 4.3 MEDIUM· v2 A vulnerability, which was classified as critical, has been found in MicroWorld eScan Antivirus 7.0.32 on Linux. Affected by this issue is the function sprintf of the file epsdaemon of the component Autoscan USB. The man...Show more A vulnerability, which was classified as critical, has been found in MicroWorld eScan Antivirus 7.0.32 on Linux. Affected by this issue is the function sprintf of the file epsdaemon of the component Autoscan USB. The manipulation leads to os command injection. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-1369 1Escanav 1Escan Anti Virus Jun 27, 2025 Feb 17, 2025 2.0 LOW· v4 4.5 MEDIUM· v3 3.5 LOW· v2 A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux. Affected by this vulnerability is an unknown functionality of the component USB Password Handler. The manipulation leads to o...Show more A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux. Affected by this vulnerability is an unknown functionality of the component USB Password Handler. The manipulation leads to os command injection. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-1368 1Escanav 1Escan Anti Virus Jun 27, 2025 Feb 17, 2025 4.6 MEDIUM· v4 2.3 LOW· v3 1.4 LOW· v2 A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects the function ReadConfiguration of the file /opt/MicroWorld/etc/mwav.conf. The manipu...Show more A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects the function ReadConfiguration of the file /opt/MicroWorld/etc/mwav.conf. The manipulation of the argument BasePath leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-1367 1Escanav 1Escan Anti Virus Jun 27, 2025 Feb 17, 2025 4.8 MEDIUM· v4 5.3 MEDIUM· v3 4.3 MEDIUM· v2 A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been classified as critical. This affects the function sprintf of the component USB Password Handler. The manipulation leads to buffer overfl...Show more A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been classified as critical. This affects the function sprintf of the component USB Password Handler. The manipulation leads to buffer overflow. An attack has to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-1366 1Escanav 1Escan Anti Virus Oct 9, 2025 Feb 17, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this issue is the function strcpy of the component VirusPopUp. The manipulation leads to stack-based buffer o...Show more A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this issue is the function strcpy of the component VirusPopUp. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-1364 1Escanav 1Escan Anti Virus Oct 10, 2025 Feb 16, 2025 4.8 MEDIUM· v4 6.6 MEDIUM· v3 4.3 MEDIUM· v2 A vulnerability has been found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this vulnerability is the function passPrompt of the component USB Protection Service. The manipulation...Show more A vulnerability has been found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this vulnerability is the function passPrompt of the component USB Protection Service. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-0798 1Escanav 1Escan Anti Virus Oct 9, 2025 Jan 29, 2025 9.2 CRITICAL· v4 8.1 HIGH· v3 7.6 HIGH· v2 A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. This issue affects some unknown processing of the file rtscanner of the component Quarantine Handler. The manipulati...Show more A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. This issue affects some unknown processing of the file rtscanner of the component Quarantine Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-0797 1Escanav 1Escan Anti Virus Oct 9, 2025 Jan 29, 2025 4.8 MEDIUM· v4 3.3 LOW· v3 1.7 LOW· v2 A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects unknown code of the file /var/Microworld/ of the component Quarantine Handler. The...Show more A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects unknown code of the file /var/Microworld/ of the component Quarantine Handler. The manipulation leads to incorrect default permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-0720 1Escanav 1Escan Anti Virus Oct 9, 2025 Jan 26, 2025 4.8 MEDIUM· v4 5.5 MEDIUM· v3 1.7 LOW· v2 A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. It has been rated as problematic. Affected by this issue is the function removeExtraSlashes of the file /opt/MicroWorld/sbin/rtscanner of the compon...Show more A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. It has been rated as problematic. Affected by this issue is the function removeExtraSlashes of the file /opt/MicroWorld/sbin/rtscanner of the component Folder Watch List Handler. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-13188 1Escanav 1Escan Anti Virus Oct 9, 2025 Jan 8, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. Affected by this issue is some unknown functionality of the file /opt/MicroWorld/var/ of the component Installation...Show more A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. Affected by this issue is some unknown functionality of the file /opt/MicroWorld/var/ of the component Installation Handler. The manipulation leads to incorrect default permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-42919 1Escanav 1Escan Management Console Nov 12, 2025 Aug 20, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via acteScanAVReport.
CVE-2023-4383 1Escanav 1Escan Anti Virus Nov 21, 2024 Aug 16, 2023 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned perm...Show more A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-34838 1Escanav 1Escan Management Console Nov 21, 2024 Jun 27, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Description parameter.
CVE-2023-34837 1Escanav 1Escan Management Console Nov 21, 2024 Jun 27, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a vulnerable parameter GrpPath.
CVE-2023-34836 1Escanav 1Escan Management Console Nov 21, 2024 Jun 27, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Dtltyp and ListName parameters.
CVE-2023-34835 1Escanav 1Escan Management Console Nov 21, 2024 Jun 27, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable delete_file parameter.
CVE-2023-33731 1Escanav 1Escan Management Console Jan 8, 2025 Jun 2, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the URL directly.
CVE-2023-33732 1Escanav 1Escan Management Console Jan 10, 2025 May 31, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, an...Show more Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval.Show less
CVE-2023-33730 1Escanav 1Escan Management Console Jan 10, 2025 May 31, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format...Show more Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format.Show less
CVE-2023-2875 1Escanav 1Escan Anti Virus Nov 21, 2024 May 24, 2023 N/A· v4 5.5 MEDIUM· v3 4.6 MEDIUM· v2 A vulnerability, which was classified as problematic, was found in eScan Antivirus 22.0.1400.2443. Affected is the function 0x22E008u in the library PROCOBSRVESX.SYS of the component IoControlCode Handler. The manipulati...Show more A vulnerability, which was classified as problematic, was found in eScan Antivirus 22.0.1400.2443. Affected is the function 0x22E008u in the library PROCOBSRVESX.SYS of the component IoControlCode Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-229854 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less

12 Next