CVE-2024-13990
- EPSS 0.15%
- Veröffentlicht 19.09.2025 18:54:08
- Zuletzt bearbeitet 22.09.2025 21:23:01
MicroWorld eScan AV's update mechanism failed to ensure authenticity and integrity of updates: update packages were delivered and accepted without robust cryptographic verification. As a result, an on-path attacker could perform a man-in-the-middle (...
- EPSS 5.28%
- Veröffentlicht 10.03.2008 17:44:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.742.98 and eScan Management Console (aka eScan Server) 9.0.742.1 allows remote attackers to read arbitrary files via an absolute pathname in the RETR (g...
- EPSS 23.72%
- Veröffentlicht 24.05.2007 02:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Stack-based buffer overflow in the MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies eScan before 9.0.718.1 allows remote attackers to execute arbitrary code via a long command.
- EPSS 1.6%
- Veröffentlicht 02.05.2007 18:19:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies eScan 8.0.671.1, and possibly other versions, allows remote or local attackers to gain privileges and execute arbitrary commands by connecting directly to TCP port 2222.