K7Computing Total Security vulnerabilities
25 known vulnerabilities affecting k7computing/total_security.
Total CVEs
25
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH19MEDIUM6
Vulnerabilities
Page 1 of 2
CVE-2014-9643P3HIGHCVSS 7.2PoC≤ 14.2.0.2522015-02-06
CVE-2014-9643 [HIGH] CWE-264 CVE-2014-9643: K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.25
K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.
nvd
CVE-2017-18019P3HIGHCVSS 7.1PoCfixed in 15.1.0.3052018-01-04
CVE-2017-18019 [HIGH] CWE-20 CVE-2017-18019: In K7 Total Security before 15.1.0.305, user-controlled input to the K7Sentry device is not sufficie
In K7 Total Security before 15.1.0.305, user-controlled input to the K7Sentry device is not sufficiently sanitized: the user-controlled input can be used to compare an arbitrary memory address with a fixed value, which in turn can be used to read the contents of arbitrary memory. Similarly, the product crashes upon a \\.\K7Sentry DeviceIoControl call w
nvd
CVE-2018-8724P3HIGHCVSS 7.8fixed in 16.0.00012021-01-11
CVE-2018-8724 [HIGH] CWE-269 CVE-2018-8724: K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impa
K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). The component is: K7TSMngr.exe.
nvd
CVE-2018-9332P3HIGHCVSS 7.8fixed in 16.0.00012021-01-11
CVE-2018-9332 [HIGH] CWE-269 CVE-2018-9332: K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Incorrect Access Control. The im
K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local).
nvd
CVE-2017-16549P3HIGHCVSS 7.8fixed in 15.1.0324fixed in 16.0.01312018-01-16
CVE-2017-16549 [HIGH] CWE-787 CVE-2017-16549: K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.
nvd
CVE-2017-16550P3HIGHCVSS 7.8fixed in 15.1.0324fixed in 16.0.01312018-01-16
CVE-2017-16550 [HIGH] CVE-2017-16550: K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.
nvd
CVE-2017-16554P3HIGHCVSS 7.8fixed in 15.1.0324fixed in 16.0.01312018-01-16
CVE-2017-16554 [HIGH] CWE-787 CVE-2017-16554: K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.
nvd
CVE-2017-16552P3HIGHCVSS 7.8fixed in 15.1.0324fixed in 16.0.01312018-01-16
CVE-2017-16552 [HIGH] CWE-787 CVE-2017-16552: K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.
nvd
CVE-2018-8044P3HIGHCVSS 7.8fixed in 16.0.00012021-01-11
CVE-2018-8044 [HIGH] CWE-269 CVE-2018-8044: K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impa
K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: Local Process Execution (local). The component is: K7Sentry.sys.
nvd
CVE-2018-8725P3HIGHCVSS 7.8fixed in 16.0.00012021-01-11
CVE-2018-8725 [HIGH] CWE-120 CVE-2018-8725: K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Buffer Overflow. The impact is:
K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.
nvd
CVE-2018-11009P3HIGHCVSS 7.8fixed in 16.0.00012021-01-11
CVE-2018-11009 [HIGH] CWE-787 CVE-2018-11009: A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
nvd
CVE-2018-11010P3HIGHCVSS 7.8fixed in 16.0.00012021-01-11
CVE-2018-11010 [HIGH] CWE-787 CVE-2018-11010: A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
nvd
CVE-2018-8726P3HIGHCVSS 7.8fixed in 16.0.00012021-01-11
CVE-2018-8726 [HIGH] CWE-120 CVE-2018-8726: K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: ex
K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.
nvd
CVE-2018-9333P3HIGHCVSS 7.8fixed in 16.0.00012021-01-11
CVE-2018-9333 [HIGH] CWE-120 CVE-2018-9333: K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: ex
K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.
nvd
CVE-2018-11246P4HIGHCVSS 7.5fixed in 16.0.00012021-01-11
CVE-2018-11246 [HIGH] CWE-401 CVE-2018-11246: K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory Leak.
K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory Leak.
nvd
CVE-2017-16551P4HIGHCVSS 7.0fixed in 15.1.0324fixed in 16.0.01312018-01-16
CVE-2017-16551 [HIGH] CWE-787 CVE-2017-16551: K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IO
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
nvd
CVE-2017-16557P4HIGHCVSS 7.0fixed in 15.1.0324fixed in 16.0.01312018-01-16
CVE-2017-16557 [HIGH] CWE-787 CVE-2017-16557: K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IO
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
nvd
CVE-2017-16553P4HIGHCVSS 7.0fixed in 15.1.0324fixed in 16.0.01312018-01-16
CVE-2017-16553 [HIGH] CWE-787 CVE-2017-16553: K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IO
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
nvd
CVE-2017-16555P4HIGHCVSS 7.0fixed in 15.1.0324fixed in 16.0.01312018-01-16
CVE-2017-16555 [HIGH] CWE-787 CVE-2017-16555: K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IO
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
nvd
CVE-2017-17429P4MEDIUMCVSS 5.5fixed in 15.1.0324fixed in 16.0.01312018-01-16
CVE-2017-17429 [MEDIUM] CWE-20 CVE-2017-17429: In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not suffic
In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL.
nvd
1 / 2Next →