Total Security
Approved changes feed: RSS · Atom
cpe:2.3:a:quickheal:total_security:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Quickheal (1ee95b6e-4369-5091-8b15-0bd75ffc9bed) |
|---|---|
| Product | Total Security (06acea9c-584a-5352-b87c-e5d1330aaf3d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-31467 |
vulnerable | 2026-06-08 05:43:40.796083 |
DLL Hijacking Vulnerability in Quick Heal Total Security
HIGH (7.9)
A DLL hijacking vulnerability in the installed for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restricting the search path for required DLLs and then not verifying the signature of the DLLs it tries to load.
Published: 2022-05-23T18:19:17.000Z
Updated: 2024-08-03T07:19:05.695Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-31466 |
vulnerable | 2026-06-08 05:43:40.795650 |
TOCTOU Vulnerability in Quick Heal Total Security
HIGH (7.9)
Time of Check - Time of Use (TOCTOU) vulnerability in Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieved through exploiting the time between detecting a file as malicious and when the action of quarantining or cleaning is performed, and using the time to replace the malicious file by a symlink.
Published: 2022-05-23T18:19:30.000Z
Updated: 2024-08-03T07:19:05.682Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-27587 |
vulnerable | 2026-06-08 05:23:52.798705 |
Details available
Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password.
Published: 2020-11-30T19:42:02.000Z
Updated: 2024-08-04T16:18:44.399Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-27586 |
vulnerable | 2026-06-08 05:23:52.798399 |
Details available
Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text.
Published: 2020-11-30T19:41:59.000Z
Updated: 2024-08-04T16:18:44.402Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-27585 |
vulnerable | 2026-06-08 05:23:52.797987 |
Details available
Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password.
Published: 2020-11-30T19:41:56.000Z
Updated: 2024-08-04T16:18:44.945Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-8776 |
vulnerable | 2026-06-08 05:10:08.875880 |
Details available
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product.
Published: 2017-05-04T03:55:00.000Z
Updated: 2024-09-16T17:34:17.668Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-8775 |
vulnerable | 2026-06-08 05:10:08.875546 |
Details available
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.
Published: 2017-05-04T03:55:00.000Z
Updated: 2024-09-17T00:56:27.615Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-8774 |
vulnerable | 2026-06-08 05:10:08.875083 |
Details available
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.
Published: 2017-05-04T03:55:00.000Z
Updated: 2024-09-16T23:52:08.049Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-8773 |
vulnerable | 2026-06-08 05:10:08.874624 |
Details available
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This vulnerability can be exploited to gain Remote Code Execution as well as Privilege Escalation.
Published: 2017-05-04T03:55:00.000Z
Updated: 2024-09-17T00:51:37.681Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-5005 |
vulnerable | 2026-06-08 05:09:38.990640 |
Details available
Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O file that is mishandled during a Security Scan (aka Custom Scan) operation.
Published: 2017-01-02T22:00:00.000Z
Updated: 2024-08-05T14:47:43.826Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.