GCVE - cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Eset (`ba7608a7-791f-5152-b5d9-31cbdb9eefce`)
Product	Nod32 Antivirus (`77a46dc2-e9be-5cd6-b2fb-b93c2af145cf`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-7400`	vulnerable	2026-06-03 14:58:05.813061	Local privilege escalation in ESET products for Windows The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissions to do so. Published: 2024-09-27T07:02:28.931Z Updated: 2024-09-27T18:54:39.099Z Open on db.gcve.eu Reference links https://support.eset.com/en/ca8726-local-privilege-escalation-fixed-for-vulnerability-during-detected-file-removal-in-eset-products-for-windows	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-0353`	vulnerable	2026-06-03 14:54:02.191775	Local privilege escalation in Windows products HIGH (7.8) Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission. Published: 2024-02-15T07:40:24.786Z Updated: 2025-12-10T19:33:58.732Z Open on db.gcve.eu Reference links https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-7043`	vulnerable	2026-06-03 14:53:59.810235	Unquoted path privilege vulnerability in ESET products for Windows LOW (3.3) Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions. Published: 2024-01-31T12:51:38.253Z Updated: 2024-10-17T17:54:28.120Z Open on db.gcve.eu Reference links https://support.eset.com/en/ca8602	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-9264`	vulnerable	2026-06-03 14:43:13.195543	Details available ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop. Published: 2020-02-18T14:56:52.000Z Updated: 2024-08-04T10:26:14.447Z Open on db.gcve.eu Reference links https://support.eset.com/en/ca7387-modules-review-december-2019 https://blog.zoller.lu/p/tzo-11-2020-eset-generic-malformed.html http://seclists.org/fulldisclosure/2020/Feb/21	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-10193`	vulnerable	2026-06-03 14:40:59.591591	Details available ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop. Published: 2020-03-06T19:26:05.000Z Updated: 2024-08-04T10:58:39.025Z Open on db.gcve.eu Reference links https://blog.zoller.lu/p/from-low-hanging-fruit-department_13.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-10180`	vulnerable	2026-06-03 14:40:59.387461	Details available The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop. Published: 2020-03-05T18:44:58.000Z Updated: 2024-08-04T10:50:57.826Z Open on db.gcve.eu Reference links https://blog.zoller.lu/p/tzo-11-2020-eset-generic-malformed.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-3970`	vulnerable	2026-06-03 14:28:17.593907	Details available Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary code via a crafted CAB file, which triggers heap corruption. Published: 2007-07-25T17:00:00.000Z Updated: 2024-08-07T14:37:05.931Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/474244/100/0/threaded http://securityreason.com/securityalert/2922 http://secunia.com/advisories/26124 http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20Antivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.