Vendor CVEs
Eset
All CVEs
62 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-8841 | Cri | 0.64 | 9.8 | 0.09 | Apr 12, 2016 | Heap-based buffer overflow in the Archive support module in ESET NOD32 before update 11861 allows remote attackers to execute arbitrary code via a large number of languages in an EPOC installation file of type SIS_FILE_MULTILANG. | ||
| CVE-2025-13176 | Hig | 0.55 | — | 0.00 | Jan 30, 2026 | Planting a custom configuration file in ESET Inspect Connector allow load a malicious DLL. | ||
| CVE-2025-4952 | Med | 0.44 | — | 0.00 | Oct 31, 2025 | Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration. | ||
| CVE-2025-5028 | Med | 0.44 | — | 0.00 | Jul 11, 2025 | Installation file of ESET security products on Windows allow an attacker to misuse to delete an arbitrary file without having the permissions to do so. | ||
| CVE-2024-6654 | Med | 0.44 | — | 0.00 | Sep 27, 2024 | Products for macOS enables a user logged on to the system to perform a denial-of-service attack, which could be misused to disable the protection of the ESET security product and cause general system slow-down. | ||
| CVE-2016-9892 | Med | 0.38 | 5.9 | 0.02 | Mar 2, 2017 | The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide… | ||
| CVE-2010-5160 | Med | 0.29 | 4.5 | 0.00 | Aug 25, 2012 | Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory… | ||
| CVE-2012-1459 | 0.08 | — | 1.00 | Mar 21, 2012 | The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus… | |||
| CVE-2012-1457 | 0.08 | — | 0.98 | Mar 21, 2012 | The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1,… | |||
| CVE-2012-1456 | 0.08 | — | 1.00 | Mar 21, 2012 | The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0,… | |||
| CVE-2012-1443 | 0.08 | — | 1.00 | Mar 21, 2012 | The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft… | |||
| CVE-2012-1422 | 0.08 | — | 0.94 | Mar 21, 2012 | The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial ITSF character sequence. NOTE: this may later… | |||
| CVE-2012-1420 | 0.08 | — | 0.97 | Mar 21, 2012 | The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32… | |||
| CVE-2004-0932 | 0.08 | — | 0.66 | Jan 27, 2005 | McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the… | |||
| CVE-2012-1461 | 0.07 | — | 0.92 | Mar 21, 2012 | The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7… | |||
| CVE-2012-1425 | 0.07 | — | 0.93 | Mar 21, 2012 | The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky… | |||
| CVE-2012-1423 | 0.07 | — | 0.90 | Mar 21, 2012 | The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, K7 AntiVirus 9.77.3565, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools… | |||
| CVE-2012-1455 | 0.05 | — | 0.61 | Mar 21, 2012 | The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMinor version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing… | |||
| CVE-2012-1449 | 0.05 | — | 0.61 | Mar 21, 2012 | The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMajor field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the… | |||
| CVE-2004-0933 | 0.05 | — | 0.21 | Jan 27, 2005 | Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass… | |||
| CVE-2004-0937 | 0.04 | — | 0.15 | Feb 9, 2005 | Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being… | |||
| CVE-2004-0935 | 0.04 | — | 0.15 | Jan 27, 2005 | Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | |||
| CVE-2004-0936 | 0.04 | — | 0.15 | Jan 27, 2005 | RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | |||
| CVE-2004-0934 | 0.04 | — | 0.15 | Jan 27, 2005 | Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | |||
| CVE-2004-1096 | 0.04 | — | 0.17 | Jan 10, 2005 | Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on… | |||
| CVE-2008-7107 | 0.03 | — | 0.01 | Aug 28, 2009 | easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service (crash) via a crafted IOCTL 0x222003 request to the \\.\easdrv device interface. | |||
| CVE-2008-5724 | 0.03 | — | 0.01 | Dec 26, 2008 | The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a crafted IRP in a certain METHOD_NEITHER IOCTL request to \Device\Epfw that overwrites portions of memory. | |||
| CVE-2008-4451 | 0.03 | — | 0.01 | Oct 6, 2008 | The SysInspector AntiStealth driver (esiasdrv.sys) 3.0.65535.0 in ESET System Analyzer Tool 1.1.1.0 allows local users to execute arbitrary code via a certain METHOD_NEITHER IOCTL request to \Device\esiasdrv that overwrites a pointer. | |||
| CVE-2007-2852 | 0.01 | — | 0.07 | May 24, 2007 | Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name. | |||
| CVE-2025-3716 | 0.00 | — | 0.00 | Mar 30, 2026 | User enumeration in ESET Protect (on-prem) via Response Timing. | |||
| CVE-2024-3779 | 0.00 | — | 0.00 | Jul 16, 2024 | Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met. | |||
| CVE-2024-0353 | 0.00 | — | 0.01 | Feb 15, 2024 | Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission. | |||
| CVE-2023-7043 | 0.00 | — | 0.00 | Jan 31, 2024 | Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions. | |||
| CVE-2023-5594 | 0.00 | — | 0.00 | Dec 21, 2023 | Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted. | |||
| CVE-2023-3160 | 0.00 | — | 0.00 | Aug 14, 2023 | The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions. | |||
| CVE-2023-2847 | 0.00 | — | 0.00 | Jun 15, 2023 | During internal security analysis, a local privilege escalation vulnerability has been identified. On a machine with the affected ESET product installed, it was possible for a user with lower privileges due to improper privilege management to trigger actions with root… | |||
| CVE-2021-37851 | 0.00 | — | 0.00 | May 11, 2022 | Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0.… | |||
| CVE-2022-27167 | 0.00 | — | 0.00 | May 10, 2022 | Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET,… | |||
| CVE-2022-0615 | 0.00 | — | 0.01 | Feb 25, 2022 | Use-after-free in eset_rtp kernel module used in ESET products for Linux allows potential attacker to trigger denial-of-service condition on the system. | |||
| CVE-2021-37852 | 0.00 | — | 0.01 | Feb 9, 2022 | ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the context of NT AUTHORITY\SYSTEM. | |||
| CVE-2021-37850 | 0.00 | — | 0.00 | Nov 8, 2021 | ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the ESET security product until a system reboot. | |||
| CVE-2020-26941 | 0.00 | — | 0.00 | Jan 21, 2021 | A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place… | |||
| CVE-2020-11446 | 0.00 | — | 0.00 | Apr 29, 2020 | ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links into files that would normally not be write-able by the user, thus… | |||
| CVE-2020-10193 | 0.00 | — | 0.01 | Mar 6, 2020 | ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS),… | |||
| CVE-2020-10180 | 0.00 | — | 0.02 | Mar 5, 2020 | The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for… | |||
| CVE-2020-9264 | 0.00 | — | 0.01 | Feb 18, 2020 | ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security… | |||
| CVE-2014-4974 | 0.00 | — | 0.01 | Nov 4, 2014 | The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls. | |||
| CVE-2014-4973 | 0.00 | — | 0.01 | Sep 23, 2014 | The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL… | |||
| CVE-2009-0548 | 0.00 | — | 0.02 | Feb 12, 2009 | Cross-site scripting (XSS) vulnerability in the Additional Report Settings interface in ESET Remote Administrator before 3.0.105 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party… | |||
| CVE-2008-5534 | 0.00 | — | 0.03 | Dec 12, 2008 | ESET NOD32 Antivirus 3662 and possibly 3440, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a… |
- risk 0.64cvss 9.8epss 0.09
Heap-based buffer overflow in the Archive support module in ESET NOD32 before update 11861 allows remote attackers to execute arbitrary code via a large number of languages in an EPOC installation file of type SIS_FILE_MULTILANG.
- risk 0.55cvss —epss 0.00
Planting a custom configuration file in ESET Inspect Connector allow load a malicious DLL.
- risk 0.44cvss —epss 0.00
Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.
- risk 0.44cvss —epss 0.00
Installation file of ESET security products on Windows allow an attacker to misuse to delete an arbitrary file without having the permissions to do so.
- risk 0.44cvss —epss 0.00
Products for macOS enables a user logged on to the system to perform a denial-of-service attack, which could be misused to disable the protection of the ESET security product and cause general system slow-down.
- risk 0.38cvss 5.9epss 0.02
The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide…
- risk 0.29cvss 4.5epss 0.00
Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory…
- CVE-2012-1459Mar 21, 2012risk 0.08cvss —epss 1.00
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus…
- CVE-2012-1457Mar 21, 2012risk 0.08cvss —epss 0.98
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1,…
- CVE-2012-1456Mar 21, 2012risk 0.08cvss —epss 1.00
The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0,…
- CVE-2012-1443Mar 21, 2012risk 0.08cvss —epss 1.00
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft…
- CVE-2012-1422Mar 21, 2012risk 0.08cvss —epss 0.94
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial ITSF character sequence. NOTE: this may later…
- CVE-2012-1420Mar 21, 2012risk 0.08cvss —epss 0.97
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32…
- CVE-2004-0932Jan 27, 2005risk 0.08cvss —epss 0.66
McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the…
- CVE-2012-1461Mar 21, 2012risk 0.07cvss —epss 0.92
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7…
- CVE-2012-1425Mar 21, 2012risk 0.07cvss —epss 0.93
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky…
- CVE-2012-1423Mar 21, 2012risk 0.07cvss —epss 0.90
The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, K7 AntiVirus 9.77.3565, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools…
- CVE-2012-1455Mar 21, 2012risk 0.05cvss —epss 0.61
The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMinor version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing…
- CVE-2012-1449Mar 21, 2012risk 0.05cvss —epss 0.61
The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMajor field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the…
- CVE-2004-0933Jan 27, 2005risk 0.05cvss —epss 0.21
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass…
- CVE-2004-0937Feb 9, 2005risk 0.04cvss —epss 0.15
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being…
- CVE-2004-0935Jan 27, 2005risk 0.04cvss —epss 0.15
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
- CVE-2004-0936Jan 27, 2005risk 0.04cvss —epss 0.15
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
- CVE-2004-0934Jan 27, 2005risk 0.04cvss —epss 0.15
Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
- CVE-2004-1096Jan 10, 2005risk 0.04cvss —epss 0.17
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on…
- CVE-2008-7107Aug 28, 2009risk 0.03cvss —epss 0.01
easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service (crash) via a crafted IOCTL 0x222003 request to the \\.\easdrv device interface.
- CVE-2008-5724Dec 26, 2008risk 0.03cvss —epss 0.01
The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a crafted IRP in a certain METHOD_NEITHER IOCTL request to \Device\Epfw that overwrites portions of memory.
- CVE-2008-4451Oct 6, 2008risk 0.03cvss —epss 0.01
The SysInspector AntiStealth driver (esiasdrv.sys) 3.0.65535.0 in ESET System Analyzer Tool 1.1.1.0 allows local users to execute arbitrary code via a certain METHOD_NEITHER IOCTL request to \Device\esiasdrv that overwrites a pointer.
- CVE-2007-2852May 24, 2007risk 0.01cvss —epss 0.07
Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name.
- CVE-2025-3716Mar 30, 2026risk 0.00cvss —epss 0.00
User enumeration in ESET Protect (on-prem) via Response Timing.
- CVE-2024-3779Jul 16, 2024risk 0.00cvss —epss 0.00
Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met.
- CVE-2024-0353Feb 15, 2024risk 0.00cvss —epss 0.01
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission.
- CVE-2023-7043Jan 31, 2024risk 0.00cvss —epss 0.00
Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.
- CVE-2023-5594Dec 21, 2023risk 0.00cvss —epss 0.00
Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted.
- CVE-2023-3160Aug 14, 2023risk 0.00cvss —epss 0.00
The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions.
- CVE-2023-2847Jun 15, 2023risk 0.00cvss —epss 0.00
During internal security analysis, a local privilege escalation vulnerability has been identified. On a machine with the affected ESET product installed, it was possible for a user with lower privileges due to improper privilege management to trigger actions with root…
- CVE-2021-37851May 11, 2022risk 0.00cvss —epss 0.00
Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0.…
- CVE-2022-27167May 10, 2022risk 0.00cvss —epss 0.00
Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET,…
- CVE-2022-0615Feb 25, 2022risk 0.00cvss —epss 0.01
Use-after-free in eset_rtp kernel module used in ESET products for Linux allows potential attacker to trigger denial-of-service condition on the system.
- CVE-2021-37852Feb 9, 2022risk 0.00cvss —epss 0.01
ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the context of NT AUTHORITY\SYSTEM.
- CVE-2021-37850Nov 8, 2021risk 0.00cvss —epss 0.00
ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the ESET security product until a system reboot.
- CVE-2020-26941Jan 21, 2021risk 0.00cvss —epss 0.00
A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place…
- CVE-2020-11446Apr 29, 2020risk 0.00cvss —epss 0.00
ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links into files that would normally not be write-able by the user, thus…
- CVE-2020-10193Mar 6, 2020risk 0.00cvss —epss 0.01
ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS),…
- CVE-2020-10180Mar 5, 2020risk 0.00cvss —epss 0.02
The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for…
- CVE-2020-9264Feb 18, 2020risk 0.00cvss —epss 0.01
ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security…
- CVE-2014-4974Nov 4, 2014risk 0.00cvss —epss 0.01
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls.
- CVE-2014-4973Sep 23, 2014risk 0.00cvss —epss 0.01
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL…
- CVE-2009-0548Feb 12, 2009risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in the Additional Report Settings interface in ESET Remote Administrator before 3.0.105 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party…
- CVE-2008-5534Dec 12, 2008risk 0.00cvss —epss 0.03
ESET NOD32 Antivirus 3662 and possibly 3440, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a…
Page 1 of 2