CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-16550
https://notcve.org/view.php?id=CVE-2017-16550
16 Jan 2018 — K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls. K7 Antivirus Premium en versiones anteriores a la 15.1.0.53 permite que usuarios locales escriban en ubicaciones aleatorias de la memoria y, consecuentemente, obtengan privilegios mediante un conjunto específico de llamadas IOCTL. • https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-November-2017 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-16556
https://notcve.org/view.php?id=CVE-2017-16556
16 Jan 2018 — In K7 Antivirus Premium before 15.1.0.53, user-controlled input can be used to allow local users to write to arbitrary memory locations. En K7 Antivirus Premium en versiones anteriores a la 15.1.0.53, las entradas controladas por el usuario pueden emplearse para permitir que usuarios locales escriban en ubicaciones arbitrarias de la memoria. • https://support.k7computing.com/index.php?/selfhelp/view-article/2nd-Advisory-issued-on-6th-November-2017 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-16549
https://notcve.org/view.php?id=CVE-2017-16549
16 Jan 2018 — K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls. K7 Antivirus Premium en versiones anteriores a la 15.1.0.53 permite que usuarios locales escriban en ubicaciones aleatorias de la memoria y, consecuentemente, obtengan privilegios mediante un conjunto específico de llamadas IOCTL. • https://support.k7computing.com/index.php?/Knowledgebase/Article/View/173/41/advisory-issued-on-6th-november-2017 • CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2017-16551
https://notcve.org/view.php?id=CVE-2017-16551
16 Jan 2018 — K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way. K7 Antivirus Premium en versiones anteriores a la 15.1.0.53 permite que usuarios locales obtengan privilegios mediante el envío de una llamada IOCTL específica tras configurar la memoria de una forma en particular. • https://support.k7computing.com/index.php?/selfhelp/view-article/3rd-Advisory-issued-on-6th-November-2017 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-17429
https://notcve.org/view.php?id=CVE-2017-17429
16 Jan 2018 — In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL. En K7 Antivirus Premium en versiones anteriores a la 15.1.0.53, las entradas controladas por el usuario en el dispositivo K7Sentry no se autentican lo suficiente: un usuario local con un proceso de BAJA integridad puede acceder a un disco duro en formato raw mediante el envío de una llamada ... • https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-5th-December-2017 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-16552
https://notcve.org/view.php?id=CVE-2017-16552
16 Jan 2018 — K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls. K7 Antivirus Premium en versiones anteriores a la 15.1.0.53 permite que usuarios locales escriban en ubicaciones aleatorias de la memoria y, consecuentemente, obtengan privilegios mediante un conjunto específico de llamadas IOCTL. • https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-November-2017 • CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2017-16557
https://notcve.org/view.php?id=CVE-2017-16557
16 Jan 2018 — K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way. K7 Antivirus Premium en versiones anteriores a la 15.1.0.53 permite que usuarios locales obtengan privilegios mediante el envío de una llamada IOCTL específica tras configurar la memoria de una forma en particular. • https://support.k7computing.com/index.php?/selfhelp/view-article/3rd-Advisory-issued-on-6th-November-2017 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2017-8307
https://notcve.org/view.php?id=CVE-2017-8307
27 Apr 2017 — In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulnerability is exploitable by any unprivileged user when Avast Self-Defense is disabled. It is also exploitable in conjunction with CVE-2017-8308 when Avast Self-Defense is enabled. The vulnerability allows for Denial of Service attacks and hiding traces of a possible attack. En Avast Antivirus versiones anteriores ... • http://www.securityfocus.com/bid/98086 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2017-8308
https://notcve.org/view.php?id=CVE-2017-8308
27 Apr 2017 — In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense feature of the product, opening a door to subsequent attack on many of its components. En Avast Antivirus anteriores a v17, un usuario no privilegiado puede marcar un proceso arbitrario como Trusted desde la perspectiva del producto Avast. Esto evita la característica de Self-Defense del producto, abriendo una pue... • http://www.securityfocus.com/bid/98084 • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 1%CPEs: 39EXPL: 0CVE-2011-0688
https://notcve.org/view.php?id=CVE-2011-0688
31 Jan 2011 — Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information. Intel Alert Management System(también conocido como AM... • http://secunia.com/advisories/43099 • CWE-287: Improper Authentication •