360Totalsecurity 360 Total Security vulnerabilities
7 known vulnerabilities affecting 360totalsecurity/360_total_security.
Total CVEs
7
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH6MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2017-12653P3HIGHCVSS 7.8PoC≤ 9.0.0.12022017-08-07
CVE-2017-12653 [HIGH] CWE-427 CVE-2017-12653: 360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcor
360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\Python27 directory.
nvd
CVE-2024-22014P3HIGHCVSS 8.8≤ 11.0.0.10612024-04-15
CVE-2024-22014 [HIGH] CWE-61 CVE-2024-22014: An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows attackers
An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows attackers to gain escalated privileges via Symbolic Link Follow to Arbitrary File Delete.
nvd
CVE-2021-33973P3HIGHCVSS 7.8v10.8.0.12132023-04-19
CVE-2021-33973 [HIGH] CWE-120 CVE-2021-33973: Buffer Overflow vulnerability in Qihoo 360 Safe guard v12.1.0.1004, v12.1.0.1005, v13.1.0.1001 allow
Buffer Overflow vulnerability in Qihoo 360 Safe guard v12.1.0.1004, v12.1.0.1005, v13.1.0.1001 allows attacker to escalate priveleges.
nvd
CVE-2020-15724P3HIGHCVSS 7.8≤ 12.1.0.1005v12.1.0.10052020-07-21
CVE-2020-15724 [HIGH] CWE-427 CVE-2020-15724: In the version 12.1.0.1005 and below of 360 Total Security, when the Gamefolde calls GameChrome.exe,
In the version 12.1.0.1005 and below of 360 Total Security, when the Gamefolde calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking to bypass the hips could execute arbitrary code on the Local system.
nvd
CVE-2020-15723P3HIGHCVSS 7.8≤ 12.1.0.1004v12.1.0.10042020-07-21
CVE-2020-15723 [HIGH] CWE-427 CVE-2020-15723: In the version 12.1.0.1004 and below of 360 Total Security, when the main process of 360 Total Secur
In the version 12.1.0.1004 and below of 360 Total Security, when the main process of 360 Total Security calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking to bypass the hips could execute arbitrary code on the Local system.
nvd
CVE-2020-15722P3HIGHCVSS 7.8≤ 12.1.0.1004v12.1.0.10042020-07-21
CVE-2020-15722 [HIGH] CWE-427 CVE-2020-15722: In version 12.1.0.1004 and below of 360 Total Security,when TPI calls the browser process, there exi
In version 12.1.0.1004 and below of 360 Total Security,when TPI calls the browser process, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking could execute arbitrary code on the Local system.
nvd
CVE-2018-18603P4MEDIUMCVSS 6.3v3.5.0.10332018-10-23
CVE-2018-18603 [MEDIUM] CVE-2018-18603: 360 Total Security 3.5.0.1033 allows a Sandbox Escape via an "import os" statement, followed by os.s
360 Total Security 3.5.0.1033 allows a Sandbox Escape via an "import os" statement, followed by os.system("CMD") or os.system("PowerShell"), within a .py file. NOTE: the vendor's position is that this cannot be categorized as a vulnerability, although it is a security-related issue
nvd