How severe is CVE-2025-1368?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 2.3 out of 10.

What type of vulnerability is CVE-2025-1368?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2025-1368 - MEDIUM Severity | CVSS 2.3

Vulnerability Description

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects the function ReadConfiguration of the file /opt/MicroWorld/etc/mwav.conf. The manipulation of the argument BasePath leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2020-11046

LOW

CVSS:2.2(Low)

In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.

CWE-1192020

CVE-2020-11058

LOW

CVSS:2.2(Low)

In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a d...

CWE-1192020

CVE-2017-7407

LOW

CVSS:2.4(Low)

The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a wo...

CWE-1192017

CVE-2016-2870

LOW

CVSS:2.7(Low)

Buffer overflow in the CLI on IBM WebSphere DataPower XC10 appliances 2.1 and 2.5 allows remote authenticated users to cause a denial of service via unspecified vectors.

CWE-1192016

CVE-2025-1215

LOW

CVSS:2.8(Low)

A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corrup...

CWE-1192025

CVE-2016-0385

LOW

CVSS:3.1(Low)

Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when HttpSessionIdReuse is ena...

CWE-1192016