Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Panda Subscribe
Filtered by product Panda Activescan
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-3922 1 Panda 19 Panda Activescan, Panda Antivirus, Panda Antivirus Platinum and 16 more 2018-10-19 7.5 HIGH N/A
Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive.
CVE-2007-1670 1 Panda 6 Panda Activescan, Panda Antivirus, Panda Platinum 2006 Internet Security and 3 more 2018-10-16 7.8 HIGH N/A
Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
CVE-2009-3735 1 Panda 1 Panda Activescan 2018-10-12 9.3 HIGH N/A
The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive's digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method.
CVE-2008-3155 1 Panda 1 Panda Activescan 2017-09-28 9.3 HIGH N/A
Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method.
CVE-2008-3156 1 Panda 1 Panda Activescan 2017-09-28 9.3 HIGH N/A
The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.
CVE-2006-4295 1 Panda 1 Panda Activescan 2008-09-05 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter.