Totalav

totalav

3 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-47787 1Totalav 1Totalav Feb 9, 2026 Jan 16, 2026 8.5 HIGH· v4 7.8 HIGH· v3 N/A· v2 TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially...Show more TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration.Show less
CVE-2024-31771 1Totalav 1Totalav Jan 21, 2026 May 14, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted file
CVE-2019-18194 1Totalav 1Totalav 2020 Nov 21, 2024 Jan 10, 2020 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege escalation. Exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder.
CVE-2018-7535 1Totalav 1Totalav Nov 21, 2024 Jul 13, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privile...Show more An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product.Show less