Antivirus

antivirus

Vendor: Avas!t • 31 CVEs

CVEs (31)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-10865 1Avas!t 1Antivirus Nov 21, 2024 Apr 1, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to make arbitrary changes to the Components section of the Stats....Show more An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to make arbitrary changes to the Components section of the Stats.ini file via RPC from a Low Integrity process.Show less
CVE-2020-10864 1Avas!t 1Antivirus Nov 21, 2024 Apr 1, 2020 N/A· v4 6.5 MEDIUM· v3 5.0 MEDIUM· v2 An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a reboot via RPC from a Low Integrity process.
CVE-2020-10863 1Avas!t 1Antivirus Nov 21, 2024 Apr 1, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a shutdown via RPC from a Low Integrity process via Te...Show more An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a shutdown via RPC from a Low Integrity process via TempShutDownMachine.Show less
CVE-2020-10862 1Avas!t 1Antivirus Nov 21, 2024 Apr 1, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Local Privilege Escalation (LPE) via RPC.
CVE-2020-10861 1Avas!t 1Antivirus Nov 21, 2024 Apr 1, 2020 N/A· v4 7.5 HIGH· v3 6.4 MEDIUM· v2 An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Arbitrary File Deletion from Avast Program Path via RP...Show more An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Arbitrary File Deletion from Avast Program Path via RPC, when Self Defense is Enabled.Show less
CVE-2020-10860 1Avas!t 1Antivirus Nov 21, 2024 Apr 1, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Avast Antivirus before 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service (AvastSvc.exe).
CVE-2019-18653 1Avas!t 1Antivirus Nov 21, 2024 Nov 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript cod...Show more A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name.Show less
CVE-2019-17093 2Avas!t Avg 2Anti Virus Antivirus Nov 21, 2024 Oct 23, 2019 N/A· v4 7.8 HIGH· v3 4.4 MEDIUM· v2 An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloading vulnerability allows an attacker to implant %WINDIR%\system32\wbemcomn.dll, which is loaded into a protected-light pr...Show more An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloading vulnerability allows an attacker to implant %WINDIR%\system32\wbemcomn.dll, which is loaded into a protected-light process (PPL) and might bypass some of the self-defense mechanisms. This affects all components that use WMI, e.g., AVGSvc.exe 19.6.4546.0 and TuneupSmartScan.dll 19.1.884.0.Show less
CVE-2019-11230 1Avas!t 1Antivirus Nov 21, 2024 Jul 18, 2019 N/A· v4 4.4 MEDIUM· v3 3.6 LOW· v2 In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file,...Show more In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be exploited to rename a critical product file (e.g., AvastSvc.exe), causing the product to fail to start on the next system restart.Show less
CVE-2017-8308 1Avas!t 1Antivirus May 13, 2026 Apr 27, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense feature of the product,...Show more In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense feature of the product, opening a door to subsequent attack on many of its components.Show less
CVE-2017-8307 1Avas!t 1Antivirus May 13, 2026 Apr 27, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulnerability is exploitabl...Show more In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulnerability is exploitable by any unprivileged user when Avast Self-Defense is disabled. It is also exploitable in conjunction with CVE-2017-8308 when Avast Self-Defense is enabled. The vulnerability allows for Denial of Service attacks and hiding traces of a possible attack.Show less

Previous 12