Opswat

opswat

8 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Metadefender Kiosk

metadefender_kiosk

Media Validation Agent

media_validation_agent

Outpost Security Suite

outpost_security_suite

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-57695 1Opswat 1Outpost Security Suite Jan 2, 2026 Nov 11, 2025 N/A· v4 7.7 HIGH· v3 N/A· v2 An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the lock function. The manufacturer fixed the vulnerability in version 8.0 (4...Show more An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a local attacker to execute arbitrary code via the lock function. The manufacturer fixed the vulnerability in version 8.0 (4164.652.1856) from December 17, 2012.Show less
CVE-2023-36659 1Opswat 1Metadefender Kiosk Nov 21, 2024 Sep 15, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service (loss of communication).
CVE-2023-36657 1Opswat 1Metadefender Kiosk Nov 21, 2024 Sep 15, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in features of Windows (desktop shortcuts, narrator) can be abused for privilege escalation.
CVE-2023-36658 1Opswat 2Media Validation Agent Metadefender Kiosk Nov 21, 2024 Sep 15, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally.
CVE-2022-40778 1Opswat 1Metadefender Nov 21, 2024 Sep 19, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A stored Cross-Site Scripting (XSS) vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response.
CVE-2022-32272 1Opswat 1Metadefender Nov 21, 2024 Jun 9, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation.
CVE-2022-32273 1Opswat 1Metadefender Nov 21, 2024 Jun 8, 2022 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server.
CVE-2018-16275 1Opswat 1Metadefender Nov 21, 2024 Aug 31, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 OPSWAT MetaDefender before v4.11.2 allows CSV injection.