CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-8724
https://notcve.org/view.php?id=CVE-2018-8724
K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). The component is: K7TSMngr.exe. K7Computing Pvt Ltd K7AntiVirus Premium versión 15.1.0.53, está afectado por: un Control de acceso incorrecto. El impacto es: alcanzar privilegios (local). • http://k7antivirus.com http://k7computing.com https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021 • CWE-269: Improper Privilege Management CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-9333
https://notcve.org/view.php?id=CVE-2018-9333
K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe. K7Computing Pvt Ltd K7AntiVirus Premium versión 15.1.0.53, está afectado por: un Desbordamiento de Búfer. El impacto es: ejecutar código arbitrario (local). • http://k7antivirus.com http://k7computing.com https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-9332
https://notcve.org/view.php?id=CVE-2018-9332
K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). K7Computing Pvt Ltd K7AntiVirus Premium versión 15.01.00.53, está afectado por: un Control de Acceso Incorrecto. El impacto es: alcanzar privilegios (local) • http://k7antivirus.com http://k7computing.com https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021 • CWE-269: Improper Privilege Management •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2017-16555
https://notcve.org/view.php?id=CVE-2017-16555
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way. K7 Antivirus Premium en versiones anteriores a la 15.1.0.53 permite que usuarios locales obtengan privilegios mediante el envío de una llamada IOCTL específica tras configurar la memoria de una forma en particular. • https://support.k7computing.com/index.php?/selfhelp/view-article/3rd-Advisory-issued-on-6th-November-2017 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-17429
https://notcve.org/view.php?id=CVE-2017-17429
In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL. En K7 Antivirus Premium en versiones anteriores a la 15.1.0.53, las entradas controladas por el usuario en el dispositivo K7Sentry no se autentican lo suficiente: un usuario local con un proceso de BAJA integridad puede acceder a un disco duro en formato raw mediante el envío de una llamada IOCTL específica. • https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-5th-December-2017 • CWE-20: Improper Input Validation •