Total Security

total_security

Vendor: Quickheal • 14 CVEs

CVEs (14)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-69875 1Quickheal 1Total Security Feb 11, 2026 Feb 3, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to resto...Show more A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be abused by a local attacker to place files in high-privilege locations, potentially leading to privilege escalation.Show less
CVE-2022-31467 1Quickheal 1Total Security Nov 21, 2024 May 23, 2022 N/A· v4 7.3 HIGH· v3 4.4 MEDIUM· v2 A DLL hijacking vulnerability in the installed for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restr...Show more A DLL hijacking vulnerability in the installed for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restricting the search path for required DLLs and then not verifying the signature of the DLLs it tries to load.Show less
CVE-2022-31466 1Quickheal 1Total Security Nov 21, 2024 May 23, 2022 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 Time of Check - Time of Use (TOCTOU) vulnerability in Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieve...Show more Time of Check - Time of Use (TOCTOU) vulnerability in Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieved through exploiting the time between detecting a file as malicious and when the action of quarantining or cleaning is performed, and using the time to replace the malicious file by a symlink.Show less
CVE-2020-27587 1Quickheal 1Total Security Nov 21, 2024 Nov 30, 2020 N/A· v4 6.7 MEDIUM· v3 2.1 LOW· v2 Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password.
CVE-2020-27586 1Quickheal 1Total Security Nov 21, 2024 Nov 30, 2020 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text.
CVE-2020-27585 1Quickheal 1Total Security Nov 21, 2024 Nov 30, 2020 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password.
CVE-2020-9362 1Quickheal 6Antivirus For Server Antivirus ProHome Security+3 more Nov 21, 2024 Feb 24, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Secu...Show more The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Android.Show less
CVE-2018-8090 1Quickheal 3Antivirus Pro Internet SecurityTotal Security Nov 21, 2024 Jul 25, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00...Show more Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading.Show less
CVE-2017-8776 1Quickheal 3Antivirus Pro Internet SecurityTotal Security May 13, 2026 May 4, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mecha...Show more Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product.Show less
CVE-2017-8775 1Quickheal 3Antivirus Pro Internet SecurityTotal Security May 13, 2026 May 4, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.
CVE-2017-8774 1Quickheal 3Antivirus Pro Internet SecurityTotal Security May 13, 2026 May 4, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.
CVE-2017-8773 1Quickheal 3Antivirus Pro Internet SecurityTotal Security May 13, 2026 May 4, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSiz...Show more Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This vulnerability can be exploited to gain Remote Code Execution as well as Privilege Escalation.Show less
CVE-2015-8285 1Quickheal 1Total Security May 13, 2026 Apr 20, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The webssx.sys driver in QuickHeal 16.00 allows remote attackers to cause a denial of service.
CVE-2017-5005 1Quickheal 3Antivirus Pro Internet SecurityTotal Security May 6, 2026 Jan 2, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary cod...Show more Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O file that is mishandled during a Security Scan (aka Custom Scan) operation.Show less