📦

anti-virus

Vendor: f-secure

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 3 Code Available
Total RCEs 9 Remote Access
Total CVEs 236 Total Indexed
Avg. EPSS 2.65% Exploit Prob.
Latest CVE CVE-2022-42045 Jul 13

Security Vulnerability Index

Page 1 / 24
6.7 CVSS
CVE-2022-42045
RCE

Certain Zemana products are vulnerable to Arbitrary code injection. This affects Watchdog Anti-Malware 4.1.422 and Zemana AntiMalware 3.2.28.

EPSS: 0.84%
5.8 CVSS
CVE-2023-1587

Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11

EPSS: 0.06%
6.5 CVSS
CVE-2023-1586

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11

EPSS: 0.10%
6.5 CVSS
CVE-2023-1585

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG Antivirus version 22.11 and virus definitions from 14 February 2023 or later.

EPSS: 0.09%
4.4 CVSS
CVE-2023-1453

A vulnerability was found in Watchdog Anti-Virus 1.4.214.0. It has been rated as critical. Affected by this issue is the function 0x80002008 in the library wsdk-driver.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-223298 is the identifier assigned to this vulnerability.

EPSS: 0.11%
5.5 CVSS
CVE-2023-1446

A vulnerability classified as problematic was found in Watchdog Anti-Virus 1.4.214.0. Affected by this vulnerability is the function 0x80002004/0x80002008 in the library wsdk-driver.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223291.

EPSS: 0.16%
6.5 CVSS
CVE-2022-38582
RCE

Incorrect access control in the anti-virus driver wsdkd.sys of Watchdog Antivirus v1.4.158 allows attackers to write arbitrary files.

EPSS: 0.22%
7.8 CVSS
CVE-2022-38611

Incorrect access control in Watchdog Anti-Virus v1.4.158 allows attackers to perform a DLL hijacking attack and execute arbitrary code via a crafted binary.

EPSS: 0.08%
9.8 CVSS
CVE-2022-27534
RCE

Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies).

EPSS: 0.60%
5.5 CVSS
CVE-2021-27223

A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: (Straghkov Denis, Kurmangaleev Shamil, Fedotov Andrey, Kuts Daniil, Mishechkin Maxim, Akolzin Vitaliy) @ ISPRAS

EPSS: 0.13%