7 matches found
CVE-2017-12653
CVE-2017-12653 affects 360 Total Security (version 9.0.0.1202 and earlier) with a privilege-escalation path via a Trojan Shcore.dll loaded from PATH (example C:\Python27). The incident stems from loading Shcore.dll, enabling escalation to higher privileges on affected Windows systems. Public sour...
CVE-2018-18603
360 Total Security 3.5.0.1033 is associated with CVE-2018-18603, which describes a sandbox escape via an import os statement followed by os.system("CMD") or os.system("PowerShell") inside a Python file. The root issue is the sandbox permitting shell execution from within a Python file, enabling p...
CVE-2024-22014
CVE-2024-22014 affects 360 Total Security Antivirus (Windows) up to version 11.0.0.1061. The issue enables privilege escalation via Symbolic Link Follow to Arbitrary File Delete, indicating a vulnerability in how symbolic links are resolved when deleting files. Concrete affected product/version d...
CVE-2020-15723
The CVE-2020-15723 entry applies to 360 Total Security, version 12.1.0.1004 and below. The vulnerability exists when the main process calls GameChrome.exe, enabling a DLL hijacking-based local privilege escalation. An attacker who can exploit this could execute arbitrary code on the Local system....
CVE-2021-33973
Consolidated reports describe CVE-2021-33973 as a Buffer Overflow vulnerability in Qihoo 360 Safe guard versions 12.1.0.1004/1005 and 13.1.0.1001 that allows local privilege escalation. The root cause is a buffer overflow in the Safe guard components, with no exploitation details provided in the ...
CVE-2020-15724
In 360 Total Security (version 12.1.0.1005 and earlier), when GameFolder invokes GameChrome.exe, a local privilege escalation vulnerability exists due to DLL hijacking that could enable an arbitrary code execution on the local system. Root cause: DLL hijack during the GameFolder/GameChrome intera...
CVE-2020-15722
360 Total Security