CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2018-8090
https://notcve.org/view.php?id=CVE-2018-8090
Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading. Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - versión 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - versión 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - versión 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - versión 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - versión 10.0.0.37; y Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - versión 10.0.0.37 permiten el secuestro de DLL debido a la carga de bibliotecas inseguras. • https://github.com/kernelm0de/CVE-2018-8090 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 2CVE-2018-10018 – G DATA Total Security 25.4.0.3 - Activex Buffer Overflow
https://notcve.org/view.php?id=CVE-2018-10018
The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA Total Security 25.4.0.3 has a buffer overflow via a long IsBlackListed argument. El control ActiveX GDASPAMLib.AntiSpam ASK\GDASpam.dll en G DATA Total Security 25.4.0.3 tiene un desbordamiento de búfer mediante un argumento IsBlackListed largo. G DATA TOTAL SECURITY version 25.4.0.3 suffers from an active-x buffer overflow vulnerability. • https://www.exploit-db.com/exploits/45017 http://seclists.org/fulldisclosure/2018/Jul/55 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6183
https://notcve.org/view.php?id=CVE-2018-6183
BitDefender Total Security 2018 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of an "insecurely created named pipe". Ensures full access to Everyone users group. BitDefender Total Security 2018 permite que usuarios locales obtengan privilegios o provoquen una denegación de servicio (DoS) suplantando todas las tuberías mediante el uso de una "tubería nombrada creada de forma no segura". Garantiza el acceso total al grupo de usuarios Everyone. • http://seclists.org/fulldisclosure/2018/Mar/24 •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2017-16551
https://notcve.org/view.php?id=CVE-2017-16551
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way. K7 Antivirus Premium en versiones anteriores a la 15.1.0.53 permite que usuarios locales obtengan privilegios mediante el envío de una llamada IOCTL específica tras configurar la memoria de una forma en particular. • https://support.k7computing.com/index.php?/selfhelp/view-article/3rd-Advisory-issued-on-6th-November-2017 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-16549
https://notcve.org/view.php?id=CVE-2017-16549
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls. K7 Antivirus Premium en versiones anteriores a la 15.1.0.53 permite que usuarios locales escriban en ubicaciones aleatorias de la memoria y, consecuentemente, obtengan privilegios mediante un conjunto específico de llamadas IOCTL. • https://support.k7computing.com/index.php?/Knowledgebase/Article/View/173/41/advisory-issued-on-6th-november-2017 • CWE-787: Out-of-bounds Write •