Vulnerabilities > K7Computing > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-11 | CVE-2018-11006 | Improper Privilege Management vulnerability in K7Computing products An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | 8.8 |
| 2019-10-28 | CVE-2019-16897 | Improper Privilege Management vulnerability in K7Computing products In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll module to facilitate escalation of privileges via inter-process communication with a service process. | 7.5 |
| 2017-12-15 | CVE-2017-17701 | NULL Pointer Dereference vulnerability in K7Computing Antivirus 15.1.0309 K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025c8 DeviceIoControl request. | 7.5 |
| 2017-12-15 | CVE-2017-17700 | NULL Pointer Dereference vulnerability in K7Computing Antivirus 15.1.0309 K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025a4 DeviceIoControl request. | 7.5 |
| 2017-12-15 | CVE-2017-17699 | NULL Pointer Dereference vulnerability in K7Computing Antivirus 15.1.0309 K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request. | 7.5 |
| 2017-12-08 | CVE-2017-17465 | NULL Pointer Dereference vulnerability in K7Computing Antivirus 15.1.0309 K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002574 DeviceIoControl request. | 7.5 |
| 2017-12-08 | CVE-2017-17464 | NULL Pointer Dereference vulnerability in K7Computing Antivirus 15.1.0309 K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002570 DeviceIoControl request. | 7.5 |
| 2015-02-06 | CVE-2014-9643 | Permissions, Privileges, and Access Controls vulnerability in K7Computing products K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call. | 7.2 |
| 2014-12-12 | CVE-2014-8956 | Buffer Errors vulnerability in K7Computing K7Av Sentry Device Driver 12.8.0.118 Stack-based buffer overflow in the K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via unspecified vectors. | 7.2 |
| 2014-12-12 | CVE-2014-7136 | Buffer Errors vulnerability in K7Computing K7Firewall Packet Driver 14.0.1.15 Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call. | 7.2 |