Escan Anti Virus
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-28519 | Hig | 0.51 | 7.8 | 0.00 | May 3, 2024 | A kernel handle leak issue in ProcObsrvesx.sys 4.0.0.49 in MicroWorld Technologies Inc eScan Antivirus could allow privilege escalation for low-privileged users. | ||
| CVE-2007-4649 | 0.03 | — | 0.01 | Aug 31, 2007 | MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use weak permissions (Everyone:Full Control) for their installation directory trees, which allows local users to gain privileges by replacing application files, as demonstrated by… | |||
| CVE-2025-1370 | 0.00 | — | 0.02 | Feb 17, 2025 | A vulnerability, which was classified as critical, has been found in MicroWorld eScan Antivirus 7.0.32 on Linux. Affected by this issue is the function sprintf of the file epsdaemon of the component Autoscan USB. The manipulation leads to os command injection. An attack has to… | |||
| CVE-2025-0798 | 0.00 | — | 0.07 | Jan 29, 2025 | A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. This issue affects some unknown processing of the file rtscanner of the component Quarantine Handler. The manipulation leads to os command injection. The attack may be… | |||
| CVE-2025-0797 | 0.00 | — | 0.00 | Jan 29, 2025 | A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects unknown code of the file /var/Microworld/ of the component Quarantine Handler. The manipulation leads to incorrect default permissions. The… | |||
| CVE-2024-13188 | 0.00 | — | 0.00 | Jan 8, 2025 | A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. Affected by this issue is some unknown functionality of the file /opt/MicroWorld/var/ of the component Installation Handler. The manipulation leads to incorrect default… | |||
| CVE-2023-4383 | 0.00 | — | 0.00 | Aug 16, 2023 | A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The… | |||
| CVE-2021-26624 | 0.00 | — | 0.02 | Apr 1, 2022 | An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root… | |||
| CVE-2014-2385 | 0.00 | — | 0.04 | Jul 22, 2014 | Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3)… |
- risk 0.51cvss 7.8epss 0.00
A kernel handle leak issue in ProcObsrvesx.sys 4.0.0.49 in MicroWorld Technologies Inc eScan Antivirus could allow privilege escalation for low-privileged users.
- CVE-2007-4649Aug 31, 2007risk 0.03cvss —epss 0.01
MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use weak permissions (Everyone:Full Control) for their installation directory trees, which allows local users to gain privileges by replacing application files, as demonstrated by…
- CVE-2025-1370Feb 17, 2025risk 0.00cvss —epss 0.02
A vulnerability, which was classified as critical, has been found in MicroWorld eScan Antivirus 7.0.32 on Linux. Affected by this issue is the function sprintf of the file epsdaemon of the component Autoscan USB. The manipulation leads to os command injection. An attack has to…
- CVE-2025-0798Jan 29, 2025risk 0.00cvss —epss 0.07
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. This issue affects some unknown processing of the file rtscanner of the component Quarantine Handler. The manipulation leads to os command injection. The attack may be…
- CVE-2025-0797Jan 29, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects unknown code of the file /var/Microworld/ of the component Quarantine Handler. The manipulation leads to incorrect default permissions. The…
- CVE-2024-13188Jan 8, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. Affected by this issue is some unknown functionality of the file /opt/MicroWorld/var/ of the component Installation Handler. The manipulation leads to incorrect default…
- CVE-2023-4383Aug 16, 2023risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The…
- CVE-2021-26624Apr 1, 2022risk 0.00cvss —epss 0.02
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root…
- CVE-2014-2385Jul 22, 2014risk 0.00cvss —epss 0.04
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3)…