Skip to main content

Antivirus Pro

9 CVEs product

Monthly

CVE-2020-9399 MEDIUM This Month

The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Antivirus For Linux Antivirus Pro Antivirus Pro Plus
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-9362 HIGH This Week

The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Antivirus For Server Antivirus Pro Home Security +3
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2018-8090 HIGH This Week

Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Antivirus Pro Internet Security Total Security
NVD GitHub
CVSS 3.1
7.8
EPSS
1.2%
CVE-2017-8776 HIGH This Week

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Antivirus Pro Internet Security Total Security
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2017-8775 CRITICAL Act Now

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Antivirus Pro Internet Security Total Security
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2017-8774 CRITICAL Act Now

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Antivirus Pro Internet Security Total Security
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2017-8773 CRITICAL Act Now

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft Memory Corruption Privilege Escalation +3
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-5005 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 30.6%.

Memory Corruption Buffer Overflow RCE Antivirus Pro Internet Security +1
NVD GitHub
CVSS 3.1
9.8
EPSS
30.6%
Threat
4.4
CVE-2013-6767 HIGH POC This Week

Stack-based buffer overflow in pepoly.dll in Quick Heal AntiVirus Pro 7.0.0.1 allows local users to execute arbitrary code or cause a denial of service (process crash) via a long *.text value in a PE. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Antivirus Pro
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.3%
EPSS 1% CVSS 5.5
MEDIUM This Month

The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Antivirus For Linux Antivirus Pro +1
NVD
EPSS 2% CVSS 7.8
HIGH This Week

The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Antivirus For Server +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Antivirus Pro Internet Security +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Antivirus Pro Internet Security +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Antivirus Pro +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Antivirus Pro +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft +5
NVD
EPSS 31% 4.4 CVSS 9.8
CRITICAL POC THREAT Emergency

Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 30.6%.

Memory Corruption Buffer Overflow RCE +3
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

Stack-based buffer overflow in pepoly.dll in Quick Heal AntiVirus Pro 7.0.0.1 allows local users to execute arbitrary code or cause a denial of service (process crash) via a long *.text value in a PE. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy