CVE-2025-7073

< 27.0.47.241

A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged atta

7.8HIGH

CVE-2025-7098

all versions

A vulnerability, which was classified as critical, was found in Comodo Internet Security Premium 12.3.4.8162. Affected is an unkno

5.6MEDIUM

CVE-2025-7097

all versions

A vulnerability, which was classified as critical, has been found in Comodo Internet Security Premium 12.3.4.8162. This issue affe

8.1HIGH

CVE-2025-7096

all versions

A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162. This vulnerability affects unkno

8.1HIGH

CVE-2025-7095

all versions

A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4.8162. This affects an unknown par

3.7LOW

CVE-2024-6510

< 24.1

Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYST

7.8HIGH

CVE-2024-7252

all versions

Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local att

7.8HIGH

CVE-2024-7251

all versions

Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local att

7.8HIGH

CVE-2024-7250

all versions

Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local att

7.8HIGH

CVE-2024-7248

all versions

Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attacke

7.8HIGH

CVE-2024-3779

< 17.2.7.0

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render E

6.1MEDIUM

CVE-2023-6154

all versions

A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender A

7.8HIGH

CVE-2024-0353

< 17.0.10.0

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files withou

7.8HIGH

CVE-2023-7043

>= 16.1.14.0 and < 17.0.15.0

Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT

3.3LOW

CVE-2024-23940

< 6.0.2103

Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vul

7.8HIGH

CVE-2023-5594

all versions

Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate sig

7.5HIGH

CVE-2023-3160

all versions

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move fil

7.8HIGH

CVE-2022-0357

< 26.0.10.45

Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Inter

6.7MEDIUM

CVE-2021-37851

>= 11.2 and < 15.1.12.0

Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the

7.3HIGH

CVE-2022-27167

>= 11.2 and < 15.1.12.0

Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" f

7.1HIGH

CVE-2022-27534

< 12.03.2022

Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had

9.8CRITICAL

CVE-2021-27223

< 2021-06

A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky

5.5MEDIUM

CVE-2021-4199

< 26.0.3.29

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdef

7.8HIGH

CVE-2021-4198

< 26.0.3.29

A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Securi

6.1MEDIUM

CVE-2020-8107

< 24.0.26.136

A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with prod

8.2HIGH

CVE-2021-37852

>= 10.0.337.1 and < 15.0.18.0

ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to esca

7.8HIGH

CVE-2021-43772

<= 2021

Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified w

5.5MEDIUM

CVE-2020-15732

< 25.0.7.29

Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows

6.5MEDIUM

CVE-2021-26718

< 21.1

KIS for macOS in some use cases was vulnerable to AV bypass that potentially allowed an attacker to disable anti-virus protection.

5.5MEDIUM

CVE-2020-26941

<= 13.2

A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (delet

5.5MEDIUM

CVE-2020-11446

all versions

ESET Antivirus and Antispyware Module 1553 through 1560 allows a user with limited access rights to create hard links in so

7.8HIGH

CVE-2020-10193

< 1294

ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This

7.5HIGH

CVE-2020-9362

all versions

The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects

7.8HIGH

CVE-2020-9264

< 1296

ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive

5.5MEDIUM

CVE-2019-15688

<= 2020

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Sec

6.1MEDIUM

CVE-2019-15687

<= 2020

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Sec

6.5MEDIUM

CVE-2019-15686

<= 2020

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Sec

4.3MEDIUM

CVE-2019-15685

<= 2020

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Sec

4.3MEDIUM

CVE-2019-14242

< 23.0.24.120

An issue was discovered in Bitdefender products for Windows (Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and B

6.7MEDIUM

CVE-2019-14270

<= 12.0.0.6870

Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6870, and Comodo Internet Security Premium through 12.0.0.687

7.1HIGH

CVE-2019-8286

<= 2019

Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could po

4.3MEDIUM

CVE-2018-18333

< 15.0.0.1163

A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker

7.8HIGH

CVE-2018-0649

all versions

Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs (ESET Smart Security P

7.8HIGH

CVE-2018-15363

<= 12.0

An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local atta

7.8HIGH

CVE-2018-10514

<= 12.0

A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local at

7.8HIGH

CVE-2018-10513

<= 12.0

A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allo

7.8HIGH

CVE-2018-8090

all versions

Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (Q

7.8HIGH

CVE-2018-3608

<= 12.0.1191

A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver co

9.8CRITICAL

CVE-2018-6236

<= 12.0

A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local

7.0HIGH

CVE-2018-6235

<= 12.0

An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local atta

7.8HIGH

CVE-2018-6234

<= 12.0

An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local att

5.5MEDIUM

CVE-2018-6233

<= 12.0

A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker

7.8HIGH

CVE-2018-6232

<= 12.0

A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker

7.8HIGH

CVE-2017-17429

< 15.1.0297

In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local

5.5MEDIUM

CVE-2017-16557

< 15.1.0297

K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory i

7.0HIGH

CVE-2017-16556

< 15.1.0297

In K7 Antivirus Premium before 15.1.0.53, user-controlled input can be used to allow local users to write to arbitrary memory loca

5.5MEDIUM

CVE-2017-16555

< 15.1.0297

K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory i

7.0HIGH

CVE-2017-16554

< 15.1.0297

K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges,

7.8HIGH

CVE-2017-16553

< 15.1.0297

K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory i

7.0HIGH

CVE-2017-16552

< 15.1.0297

K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges,

7.8HIGH

CVE-2017-16551

< 15.1.0297

K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory i

7.0HIGH

CVE-2017-16550

< 15.1.0297

K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges,

7.8HIGH

CVE-2017-16549

< 15.1.0297

K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges,

7.8HIGH

CVE-2017-12817

all versions

In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were not encrypted.

7.5HIGH

CVE-2017-12816

all versions

In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions, which might

9.8CRITICAL

CVE-2017-8776

<= 10.1.0.316

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approx

7.5HIGH

CVE-2017-8775

<= 10.1.0.316

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnera

9.8CRITICAL

CVE-2017-8774

<= 10.1.0.316

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnera

9.8CRITICAL

CVE-2017-8773

<= 10.1.0.316

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnera

9.8CRITICAL

CVE-2017-6186

<= 12.0

Code injection vulnerability in Bitdefender Total Security 12.0 (and earlier), Internet Security 12.0 (and earlier), and Antivirus

6.7MEDIUM

CVE-2017-5566

all versions

Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG Internet Security 17.1 (and earlier), and AVG AntiVirus FREE

6.7MEDIUM

CVE-2017-5565

<= 11.1.1005

Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivir

6.7MEDIUM

CVE-2016-4329

all versions

A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software

5.5MEDIUM

CVE-2016-4307

all versions

A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A speciall

5.5MEDIUM

CVE-2016-4305

all versions

A denial of service vulnerability exists in the syscall filtering functionality of Kaspersky Internet Security KLIF driver. A spec

5.5MEDIUM

CVE-2016-4304

all versions

A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A

5.5MEDIUM

CVE-2017-5005

<= 10.1.0.316

Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and Ant

9.8CRITICAL

CVE-2016-1226

all versions

Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote attackers to inject arbitrary web

6.1MEDIUM

CVE-2016-1225

all versions

Trend Micro Internet Security 8 and 10 allows remote attackers to read arbitrary files via unspecified vectors.

6.5MEDIUM

CVE-2015-8578

all versions

AVG Internet Security 2015 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting u

CVE-2014-9632

>= 2013 and < 2013.3495

The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection befor

CVE-2010-5152

all versions

Race condition in AVG Internet Security 9.0.791 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute

CVE-2010-3189

all versions

The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows

CVE-2009-0686

all versions

The TrendMicro Activity Monitor Module (tmactmon.sys) 2.52.0.1002 in Trend Micro Internet Pro 2008 and 2009, and Security Pro 2008

CVE-2009-0850

all versions

Cross-site scripting (XSS) vulnerability in BitDefender Internet Security 2009 allows user-assisted remote attackers to inject arb

CVE-2007-5775

all versions

Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024.

9.8CRITICAL