Filtered by vendor Quickheal
Subscribe
Search
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31466 | 1 Quickheal | 1 Total Security | 2023-08-08 | 4.4 MEDIUM | 7.0 HIGH |
| Time of Check - Time of Use (TOCTOU) vulnerability in Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieved through exploiting the time between detecting a file as malicious and when the action of quarantining or cleaning is performed, and using the time to replace the malicious file by a symlink. | |||||
| CVE-2022-31467 | 1 Quickheal | 1 Total Security | 2022-06-02 | 4.4 MEDIUM | 7.3 HIGH |
| A DLL hijacking vulnerability in the installed for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restricting the search path for required DLLs and then not verifying the signature of the DLLs it tries to load. | |||||
| CVE-2018-8090 | 1 Quickheal | 3 Antivirus Pro, Internet Security, Total Security | 2021-09-13 | 6.8 MEDIUM | 7.8 HIGH |
| Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading. | |||||
| CVE-2017-8776 | 1 Quickheal | 3 Antivirus Pro, Internet Security, Total Security | 2021-09-13 | 5.0 MEDIUM | 7.5 HIGH |
| Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product. | |||||
| CVE-2020-9362 | 1 Quickheal | 6 Antivirus For Server, Antivirus Pro, Home Security and 3 more | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Android. | |||||
| CVE-2015-8285 | 1 Quickheal | 1 Total Security | 2017-04-27 | 5.0 MEDIUM | 7.5 HIGH |
| The webssx.sys driver in QuickHeal 16.00 allows remote attackers to cause a denial of service. | |||||