418 matches found
EUVD-2026-36688
A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic. Performing a manipulation of the argument NetworkAddr results in protection mechanism failure. The attack require...
CVE-2026-12214
Qihoo 360 Total Security 6.0 contains a vulnerability in the RpcStringBindingComposeW function within the Nucleus Engine Monitoring Logic. Manipulating the NetworkAddr argument can cause protection mechanism failure, allowing a local attacker to exploit the issue. The exploit is publicly availabl...
CVE-2026-12214 Qihoo 360 Total Security Nucleus Engine Monitoring Logic RpcStringBindingComposeW protection mechanism
A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic. Performing a manipulation of the argument NetworkAddr results in protection mechanism failure. The attack require...
CVE-2026-12214 Qihoo 360 Total Security Nucleus Engine Monitoring Logic RpcStringBindingComposeW protection mechanism
A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic. Performing a manipulation of the argument NetworkAddr results in protection mechanism failure. The attack require...
PT-2026-49176
A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic. Performing a manipulation of the argument NetworkAddr results in protection mechanism failure. The attack require...
CVE-2025-69875
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be...
CVE-2025-69875
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be...
CVE-2025-69875
CVE-2025-69875 – Quick Heal Total Security 23.0.0 (quarantine management) : The issue is insufficient validation of restore paths and improper permission handling, allowing a low-privileged local user to restore quarantined files into protected system directories, potentially enabling privilege e...
EUVD-2025-206708
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be...
CVE-2016-10898
The total-security plugin before 3.4.1 for WordPress has XSS...
CVE-2022-31467
A DLL hijacking vulnerability in the installed for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restricting the search path for required DLLs and then not verifying the signature...
CVE-2022-31466
Time of Check - Time of Use TOCTOU vulnerability in Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieved through exploiting the time between detecting a file as malicious and when th...
CVE-2023-53973
Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted directories,...
CVE-2023-53973
Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted directories,...
CVE-2023-53973 Zillya Total Security 3.0.2367.0 Local Privilege Escalation via Quarantine Module
Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted directories,...
Zillya Total Security 安全漏洞
Zillya Total Security is a network security protection suite from the Ukrainian company Zillya. A security vulnerability exists in Zillya Total Security version 3.0.2367.0, which stems from an elevation of privilege issue in the quarantine module that could cause a low-privileged user to copy fil...
PT-2025-52710
Name of the Vulnerable Software and Affected Versions Zillya Total Security version 3.0.2367.0 Description Zillya Total Security allows low-privileged users to copy files to unauthorized system locations through the quarantine module, leading to potential privilege escalation. Attackers can use...
CVE-2025-7073
A local privilege escalation vulnerability in Bitdefender Total Security 27.0.46.231 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory C:\ProgramData\Atc\Feedback without proper symbolic link validation,...
CVE-2025-7073
A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory C:\ProgramData\Atc\Feedback without proper symbolic...
CVE-2025-7073
A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory C:\ProgramData\Atc\Feedback without proper symbolic...