Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25252PUBLISHED: 2021-03-03Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
CVE-2021-26813PUBLISHED: 2021-03-03markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time.
CVE-2021-27215PUBLISHED: 2021-03-03
An issue was discovered in genua genugate before 9.0 Z p19, 9.1.x through 9.6.x before 9.6 p7, and 10.x before 10.1 p4. The Web Interfaces (Admin, Userweb, Sidechannel) can use different methods to perform the authentication of a user. A specific authentication method during login does not check the...
CVE-2021-3419PUBLISHED: 2021-03-03** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2020-15937PUBLISHED: 2021-03-03An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard.
User Rank: Apprentice
5/7/2014 | 5:05:51 AM
When you have access to the antivirus software, you have full admin access to the whole computer : files, network, USB, ...
Antivirus software watches all processes on the computer but nobody watches antivirus software ..
Antivirus software can read file and send data to distant server.
Users cannot distinct normal antivirus scan process and updates and data spying ...