Skip to main content

pandas

28 CVEs library

Monthly

CVE-2026-4998 MEDIUM POC This Month

Code injection in Sinaptik AI PandasAI versions up to 3.0.0 allows unauthenticated remote attackers to execute arbitrary code via the CodeExecutor.execute function in the Chat Message Handler component. CVSS 7.3 (High) with network attack vector, low complexity, and no authentication required. Publicly available exploit code exists (POC on GitHub Gist). EPSS data not provided, but the combination of unauthenticated remote execution and public exploit significantly elevates real-world risk. Vendor non-responsive to coordinated disclosure.

Code Injection RCE Pandasai pandas
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-4997 MEDIUM POC This Month

Path traversal in Sinaptik AI PandasAI up to version 3.0.0 allows remote unauthenticated attackers to read arbitrary files by manipulating the is_sql_query_safe function in the SQL sanitizer module. The vulnerability has a CVSS score of 5.3 (low-to-medium severity) with public exploit code available, though active exploitation has not been confirmed by CISA. The vendor did not respond to early disclosure notification.

Path Traversal Pandasai pandas
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-4996 MEDIUM POC This Month

SQL injection in Sinaptik AI PandasAI versions up to 0.1.4 allows unauthenticated remote attackers to manipulate database operations through the pandasai-lancedb extension. Six functions (delete_question_and_answers, delete_docs, update_question_answer, update_docs, get_relevant_question_answers_by_id, get_relevant_docs_by_id) in lancedb.py are vulnerable to SQL injection attacks. Publicly available exploit code exists (CVSS 7.3, EPSS data not provided). The vendor has not responded to disclosure attempts.

SQLi Pandasai pandas
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-69662 PyPI HIGH POC PATCH GHSA This Week

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis()` function being used to write GeoDataFrames to a PostgreSQL database. [CVSS 8.6 HIGH]

PostgreSQL SQLi pandas
NVD GitHub
CVSS 3.1
8.6
EPSS
0.0%
CVE-2020-13091 PyPI CRITICAL POC PATCH Act Now

pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the read_pickle() function, if __reduce__ makes an os.system call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization pandas
NVD GitHub
CVSS 3.1
9.8
EPSS
3.4%
CVE-2017-17684 HIGH POC This Week

Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 \\.\PSMEMDriver DeviceIoControl request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Panda Global Protection pandas
NVD GitHub
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-17683 HIGH POC This Week

Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 \\.\PSMEMDriver DeviceIoControl request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Panda Global Protection pandas
NVD GitHub
CVSS 3.0
7.5
EPSS
0.4%
CVE-2014-5307 HIGH This Week

Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products before hft131306s24_r1 allows local users to gain privileges via a crafted argument to a 0x222008 IOCTL. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Panda Av Pro 2014 Panda Global Protection 2014 Panda Internet Security 2014 pandas
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2014-3450 HIGH This Week

Unspecified vulnerability in Panda Gold Protection and Global Protection 2014 7.01.01 and earlier, Internet Security 2014 19.01.01 and earlier, and AV Pro 2014 13.01.01 and earlier allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Panda Av Pro 2014 Panda Global Protection 2014 Panda Gold Protection Panda Internet Security 2014 +1
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2012-1463 MEDIUM This Month

The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation V3 Internet Security Esafe Command Antivirus Bitdefender +9
NVD
CVSS 2.0
4.3
EPSS
1.0%
CVE-2012-1459 MEDIUM This Month

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 79.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft V3 Internet Security Avast Antivirus +33
NVD
CVSS 2.0
4.3
EPSS
79.5%
CVE-2012-1456 MEDIUM This Month

The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.2% and no vendor patch available.

Privilege Escalation Fortinet Esafe Avg Anti Virus Quick Heal +18
NVD
CVSS 2.0
4.3
EPSS
18.2%
CVE-2012-1454 MEDIUM This Month

The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe Dr Web Antivirus Fortinet Antivirus +4
NVD
CVSS 2.0
4.3
EPSS
0.1%
CVE-2012-1453 MEDIUM This Month

The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 78.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft Avl Sdk Etrust Vet Antivirus +13
NVD
CVSS 2.0
4.3
EPSS
78.5%
CVE-2012-1447 MEDIUM This Month

The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe Dr Web Antivirus Fortinet Antivirus +2
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-1446 MEDIUM This Month

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe Avl Sdk Etrust Vet Antivirus +12
NVD
CVSS 2.0
4.3
EPSS
2.5%
CVE-2012-1445 MEDIUM This Month

The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe Fortinet Antivirus Panda Antivirus +2
NVD
CVSS 2.0
4.3
EPSS
0.1%
CVE-2012-1444 MEDIUM This Month

The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe Fortinet Antivirus Panda Antivirus +2
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-1443 MEDIUM This Month

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 50.2% and no vendor patch available.

Privilege Escalation Fortinet Microsoft V3 Internet Security Esafe +34
NVD
CVSS 2.0
4.3
EPSS
50.2%
CVE-2012-1442 MEDIUM This Month

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe Avl Sdk Quick Heal +9
NVD
CVSS 2.0
4.3
EPSS
2.8%
CVE-2012-1440 MEDIUM This Month

The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe Etrust Vet Antivirus Fortinet Antivirus +3
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-1439 MEDIUM This Month

The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe Fortinet Antivirus Panda Antivirus +2
NVD
CVSS 2.0
4.3
EPSS
0.1%
CVE-2012-1436 MEDIUM This Month

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft V3 Internet Security Esafe Anti Malware +3
NVD
CVSS 2.0
4.3
EPSS
5.6%
CVE-2012-1435 MEDIUM This Month

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft V3 Internet Security Esafe Anti Malware +3
NVD
CVSS 2.0
4.3
EPSS
5.6%
CVE-2012-1434 MEDIUM This Month

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft V3 Internet Security Anti Malware Ikarus Virus Utilities T3 Command Line Scanner +2
NVD
CVSS 2.0
4.3
EPSS
8.0%
CVE-2012-1433 MEDIUM This Month

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft V3 Internet Security Esafe Anti Malware +3
NVD
CVSS 2.0
4.3
EPSS
5.6%
CVE-2012-1432 MEDIUM This Month

The Microsoft EXE file parser in Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft Esafe Anti Malware Ikarus Virus Utilities T3 Command Line Scanner +2
NVD
CVSS 2.0
4.3
EPSS
5.6%
CVE-2012-1420 MEDIUM This Month

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 16.4% and no vendor patch available.

Privilege Escalation Fortinet Microsoft Command Antivirus Quick Heal +10
NVD
CVSS 2.0
4.3
EPSS
16.4%
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Code injection in Sinaptik AI PandasAI versions up to 3.0.0 allows unauthenticated remote attackers to execute arbitrary code via the CodeExecutor.execute function in the Chat Message Handler component. CVSS 7.3 (High) with network attack vector, low complexity, and no authentication required. Publicly available exploit code exists (POC on GitHub Gist). EPSS data not provided, but the combination of unauthenticated remote execution and public exploit significantly elevates real-world risk. Vendor non-responsive to coordinated disclosure.

Code Injection RCE Pandasai +1
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Path traversal in Sinaptik AI PandasAI up to version 3.0.0 allows remote unauthenticated attackers to read arbitrary files by manipulating the is_sql_query_safe function in the SQL sanitizer module. The vulnerability has a CVSS score of 5.3 (low-to-medium severity) with public exploit code available, though active exploitation has not been confirmed by CISA. The vendor did not respond to early disclosure notification.

Path Traversal Pandasai pandas
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in Sinaptik AI PandasAI versions up to 0.1.4 allows unauthenticated remote attackers to manipulate database operations through the pandasai-lancedb extension. Six functions (delete_question_and_answers, delete_docs, update_question_answer, update_docs, get_relevant_question_answers_by_id, get_relevant_docs_by_id) in lancedb.py are vulnerable to SQL injection attacks. Publicly available exploit code exists (CVSS 7.3, EPSS data not provided). The vendor has not responded to disclosure attempts.

SQLi Pandasai pandas
NVD VulDB GitHub
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis()` function being used to write GeoDataFrames to a PostgreSQL database. [CVSS 8.6 HIGH]

PostgreSQL SQLi pandas
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC PATCH Act Now

pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the read_pickle() function, if __reduce__ makes an os.system call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization pandas
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 \\.\PSMEMDriver DeviceIoControl request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Panda Global Protection pandas
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 \\.\PSMEMDriver DeviceIoControl request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Panda Global Protection pandas
NVD GitHub
EPSS 0% CVSS 7.2
HIGH This Week

Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products before hft131306s24_r1 allows local users to gain privileges via a crafted argument to a 0x222008 IOCTL. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Panda Av Pro 2014 Panda Global Protection 2014 +2
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Unspecified vulnerability in Panda Gold Protection and Global Protection 2014 7.01.01 and earlier, Internet Security 2014 19.01.01 and earlier, and AV Pro 2014 13.01.01 and earlier allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Panda Av Pro 2014 Panda Global Protection 2014 +3
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation V3 Internet Security Esafe +11
NVD
EPSS 80% CVSS 4.3
MEDIUM This Month

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 79.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft +35
NVD
EPSS 18% CVSS 4.3
MEDIUM This Month

The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.2% and no vendor patch available.

Privilege Escalation Fortinet Esafe +20
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe +6
NVD
EPSS 78% CVSS 4.3
MEDIUM This Month

The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 78.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft +15
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe +4
NVD
EPSS 3% CVSS 4.3
MEDIUM This Month

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe +14
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe +4
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe +4
NVD
EPSS 50% CVSS 4.3
MEDIUM This Month

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 50.2% and no vendor patch available.

Privilege Escalation Fortinet Microsoft +36
NVD
EPSS 3% CVSS 4.3
MEDIUM This Month

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe +11
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe +5
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe +4
NVD
EPSS 6% CVSS 4.3
MEDIUM This Month

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft V3 Internet Security +5
NVD
EPSS 6% CVSS 4.3
MEDIUM This Month

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft V3 Internet Security +5
NVD
EPSS 8% CVSS 4.3
MEDIUM This Month

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft V3 Internet Security +4
NVD
EPSS 6% CVSS 4.3
MEDIUM This Month

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft V3 Internet Security +5
NVD
EPSS 6% CVSS 4.3
MEDIUM This Month

The Microsoft EXE file parser in Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft Esafe +4
NVD
EPSS 16% CVSS 4.3
MEDIUM This Month

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 16.4% and no vendor patch available.

Privilege Escalation Fortinet Microsoft +12
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy