Vulnerabilities > K7Computing > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-27 | CVE-2019-16896 | Link Following vulnerability in K7Computing K7 Ultimate Security 16.0.0117 In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality. | 2.1 |
| 2018-01-16 | CVE-2017-16556 | Improper Input Validation vulnerability in K7Computing products In K7 Antivirus Premium before 15.1.0.53, user-controlled input can be used to allow local users to write to arbitrary memory locations. | 2.1 |
| 2018-01-16 | CVE-2017-17429 | Improper Input Validation vulnerability in K7Computing products In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL. | 2.1 |
| 2018-01-04 | CVE-2017-18019 | Improper Input Validation vulnerability in K7Computing Total Security 14.2.0.252 In K7 Total Security before 15.1.0.305, user-controlled input to the K7Sentry device is not sufficiently sanitized: the user-controlled input can be used to compare an arbitrary memory address with a fixed value, which in turn can be used to read the contents of arbitrary memory. | 3.6 |