Antivirus

antivirus

Vendor: Avas!t • 31 CVEs

CVEs (31)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-13032 1Avas!t 1Antivirus Dec 8, 2025 Nov 11, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on windows allows local attacker to escalate privelages via pool overflow.
CVE-2024-9484 2Avas!t Avg 2Antivirus Antivirus Nov 8, 2024 Oct 4, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing.
CVE-2024-9483 2Avas!t Avg 2Antivirus Antivirus Nov 8, 2024 Oct 4, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing.
CVE-2024-9482 2Avas!t Avg 2Antivirus Antivirus Nov 8, 2024 Oct 4, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing.
CVE-2024-9481 2Avas!t Avg 2Antivirus Antivirus Nov 8, 2024 Oct 4, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.
CVE-2024-5102 1Avas!t 1Antivirus Nov 21, 2024 Jun 10, 2024 7.3 HIGH· v4 7.0 HIGH· v3 N/A· v2 A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists withi...Show more A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists within the "Repair" (settings -> troubleshooting -> repair) feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. A low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the system. This can provide a low-privileged user an Elevation of Privilege to win a race-condition which will re-create the system files and make Windows callback to a specially-crafted file which could be used to launch a privileged shell instance. This issue affects Avast Antivirus prior to 24.2.Show less
CVE-2020-20118 1Avas!t 1Antivirus Nov 21, 2024 Jul 11, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver.
CVE-2023-1587 2Avas!t Avg 2Anti Virus Antivirus Nov 21, 2024 Apr 19, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11
CVE-2023-1586 2Avas!t Avg 2Anti Virus Antivirus Nov 21, 2024 Apr 19, 2023 N/A· v4 4.7 MEDIUM· v3 N/A· v2 Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus vers...Show more Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11Show less
CVE-2023-1585 2Avas!t Avg 2Anti Virus Antivirus Nov 21, 2024 Apr 19, 2023 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG...Show more Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG Antivirus version 22.11 and virus definitions from 14 February 2023 or later. Show less
CVE-2022-4294 4Avas!t AvgAvira+1 more 4Antivirus AntivirusAvira Security+1 more Nov 21, 2024 Jan 10, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain eleva...Show more Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Show less
CVE-2021-45339 1Avas!t 1Antivirus Nov 21, 2024 Dec 27, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast self-defense.
CVE-2021-45338 1Avas!t 1Antivirus Nov 21, 2024 Dec 27, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus service which could l...Show more Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus service which could lead to the (1) arbitrary file delete, (2) write and (3) reset security.Show less
CVE-2021-45337 1Avas!t 1Antivirus Nov 21, 2024 Dec 27, 2021 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by "hollowing" process wsc_proxy.exe which could lead...Show more Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by "hollowing" process wsc_proxy.exe which could lead to acquire antimalware (AM-PPL) protection.Show less
CVE-2021-45336 1Avas!t 1Antivirus Nov 21, 2024 Dec 27, 2021 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox a...Show more Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox and acquire SYSTEM privileges.Show less
CVE-2021-45335 1Avas!t 1Antivirus Nov 21, 2024 Dec 27, 2021 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files.
CVE-2020-15024 1Avas!t 1Antivirus Nov 21, 2024 Sep 10, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock...Show more An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock Vault operation.Show less
CVE-2020-10868 1Avas!t 1Antivirus Nov 21, 2024 Apr 1, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to launch the Repair App RPC call from a Low Integrity process.
CVE-2020-10867 1Avas!t 1Antivirus Nov 21, 2024 Apr 1, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to bypass intended access restrictions on tasks from an untrusted...Show more An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to bypass intended access restrictions on tasks from an untrusted process, when Self Defense is enabled.Show less
CVE-2020-10866 1Avas!t 1Antivirus Nov 21, 2024 Apr 1, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to enumerate the network interfaces and access points from a Low...Show more An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to enumerate the network interfaces and access points from a Low Integrity process via RPC.Show less

12 Next