VYPR
Vendor

TotalAV

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2019-18194HigJan 10, 2020
    risk 0.54cvss 7.8epss 0.02

    TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege escalation. Exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder.

  • CVE-2024-31771HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted file

  • CVE-2018-7535HigJul 13, 2018
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product.

  • CVE-2021-47787Jan 15, 2026
    risk 0.00cvss epss 0.00

    TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path…

VYPR — Vulnerability Intelligence