Check CVE Id
Check CWE Id
The bdisk.sys driver in COMODO Backup before 126.96.36.199 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference.
(Permissions, Privileges, and Access Controls)
CVSS Base Score
A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 188.8.131.5270 can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the minifilter for directory change notifications. This allow...
Comodo Antivirus through 184.108.40.20670, Comodo Firewall through 220.127.116.1170, and Comodo Internet Security Premium through 18.104.22.16870, with the Comodo Container feature, are vulnerable to Sandbox Escape.
Comodo Antivirus versions 22.214.171.12482 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". A low privileged process can crash CmdVirth.exe to decrease the port's connection count followed by proce...
Comodo Antivirus versions 126.96.36.19910 and below are vulnerable to Denial of Service affecting CmdAgent.exe via an unprotected section object "<GUID>_CisSharedMemBuff". This section object is exposed by CmdAgent and contains a SharedMemoryDictionary o...
Comodo Antivirus versions up to 188.8.131.5210 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPC_DATAGRAM, which triggers an...
Comodo Antivirus versions up to 184.108.40.20610 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local lo...
Comodo Antivirus versions up to 220.127.116.1110 are vulnerable to Local Privilege Escalation due to CmdAgent's handling of COM clients. A local process can bypass the signature check enforced by CmdAgent via process hollowing which can then allow the pro...
Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server.
Back to Top