Vulnerabilities > K7Computing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-11 | CVE-2018-11008 | Improper Privilege Management vulnerability in K7Computing products An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | 5.5 |
| 2021-01-11 | CVE-2018-11007 | Out-of-bounds Write vulnerability in K7Computing products A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | 5.5 |
| 2021-01-11 | CVE-2018-11006 | Improper Privilege Management vulnerability in K7Computing products An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | 5.5 |
| 2021-01-11 | CVE-2018-11005 | Out-of-bounds Read vulnerability in K7Computing products A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | 5.5 |
| 2019-12-27 | CVE-2019-16896 | Link Following vulnerability in K7Computing K7 Ultimate Security 16.0.0117 In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality. | 7.8 |
| 2019-10-28 | CVE-2019-16897 | Improper Privilege Management vulnerability in K7Computing products In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll module to facilitate escalation of privileges via inter-process communication with a service process. | 9.8 |
| 2018-01-16 | CVE-2017-17429 | Improper Input Validation vulnerability in K7Computing products In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL. | 5.5 |
| 2018-01-16 | CVE-2017-16557 | Out-of-bounds Write vulnerability in K7Computing products K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way. | 7.0 |
| 2018-01-16 | CVE-2017-16556 | Improper Input Validation vulnerability in K7Computing products In K7 Antivirus Premium before 15.1.0.53, user-controlled input can be used to allow local users to write to arbitrary memory locations. | 5.5 |
| 2018-01-16 | CVE-2017-16555 | Out-of-bounds Write vulnerability in K7Computing products K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way. | 7.0 |