Aggregates CVE and security vulnerability intelligence across all zillya-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk input validation and vendor risk path handling, with potential vendor impact unexpected behavior and vendor impact file overwrite across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-53973 | Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted directories, potentially enabling system-level access through techniques like DLL hijacking. | [email protected] | 8.5 | 0.01% | 2025-12-22 | 2026-01-03 |
| CVE-2018-5958 | In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402424. | [email protected] | 7.8 | 0.04% | 2018-01-21 | 2024-11-21 |
| CVE-2018-5957 | In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40242C. | [email protected] | 7.8 | 0.05% | 2018-01-21 | 2024-11-21 |
| CVE-2018-5956 | In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402414. | [email protected] | 7.8 | 0.04% | 2018-01-21 | 2024-11-21 |