VYPR

Antivirus

by Avast\!

CVEs (52)

  • CVE-2024-7233Nov 22, 2024
    risk 0.00cvss epss 0.00

    Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on…

  • CVE-2024-7232Nov 22, 2024
    risk 0.00cvss epss 0.00

    Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on…

  • CVE-2024-7227Nov 22, 2024
    risk 0.00cvss epss 0.00

    Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on…

  • CVE-2024-7228Nov 22, 2024
    risk 0.00cvss epss 0.00

    Avast Free Antivirus Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on…

  • CVE-2024-9482Oct 4, 2024
    risk 0.00cvss epss 0.00

    An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing.

  • CVE-2024-5102Jun 10, 2024
    risk 0.00cvss epss 0.00

    A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists within the "Repair" (settings -> troubleshooting -> repair)…

  • CVE-2020-20118Jul 11, 2023
    risk 0.00cvss epss 0.00

    Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver.

  • CVE-2023-1587Apr 19, 2023
    risk 0.00cvss epss 0.00

    Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11

  • CVE-2021-34998Jan 13, 2022
    risk 0.00cvss epss 0.00

    This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Free Antivirus 20.2.0.0. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The…

  • CVE-2021-45339Dec 27, 2021
    risk 0.00cvss epss 0.00

    Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast self-defense.

  • CVE-2021-45338Dec 27, 2021
    risk 0.00cvss epss 0.00

    Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus service which could lead to the (1) arbitrary file delete, (2) write and (3)…

  • CVE-2021-45337Dec 27, 2021
    risk 0.00cvss epss 0.00

    Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by "hollowing" process wsc_proxy.exe which could lead to acquire antimalware (AM-PPL) protection.

  • CVE-2020-15024Sep 10, 2020
    risk 0.00cvss epss 0.00

    An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock Vault operation.

  • CVE-2020-13657Jun 29, 2020
    risk 0.00cvss epss 0.00

    An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. The vulnerability allows local users to take control of arbitrary files.

  • CVE-2020-10868Apr 1, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to launch the Repair App RPC call from a Low Integrity process.

  • CVE-2020-10867Apr 1, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to bypass intended access restrictions on tasks from an untrusted process, when Self Defense is enabled.

  • CVE-2020-10862Apr 1, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Local Privilege Escalation (LPE) via RPC.

  • CVE-2019-18653Nov 1, 2019
    risk 0.00cvss epss 0.01

    A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name.

  • CVE-2019-11230Jul 18, 2019
    risk 0.00cvss epss 0.01

    In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be…

  • CVE-2018-12572Mar 17, 2019
    risk 0.00cvss epss 0.00

    Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.