CVE-2025-2425
- EPSS 0.02%
- Veröffentlicht 18.07.2025 09:20:52
- Zuletzt bearbeitet 22.07.2025 13:06:27
Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.
CVE-2025-5028
- EPSS 0.02%
- Veröffentlicht 11.07.2025 06:40:28
- Zuletzt bearbeitet 15.07.2025 13:14:49
Installation file of ESET security products on Windows allow an attacker to misuse to delete an arbitrary file without having the permissions to do so.
CVE-2024-11859
- EPSS 0.03%
- Veröffentlicht 07.04.2025 08:08:22
- Zuletzt bearbeitet 16.04.2025 11:15:41
DLL Search Order Hijacking vulnerability potentially allowed an attacker with administrator privileges to load a malicious dynamic-link library and execute its code.
CVE-2024-7400
- EPSS 0.04%
- Veröffentlicht 27.09.2024 07:15:03
- Zuletzt bearbeitet 30.09.2024 12:46:20
The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissions to do so.
CVE-2024-2003
- EPSS 0.06%
- Veröffentlicht 21.06.2024 08:15:09
- Zuletzt bearbeitet 21.11.2024 09:08:47
Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations during a restore operation from quarantine.
CVE-2023-7043
- EPSS 0.09%
- Veröffentlicht 31.01.2024 13:15:10
- Zuletzt bearbeitet 21.11.2024 08:45:06
Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.
CVE-2018-0649
- EPSS 0.14%
- Veröffentlicht 07.09.2018 14:29:01
- Zuletzt bearbeitet 21.11.2024 03:38:39
Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs (ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs exce...