Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avast antivirus vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2021-45338
Multiple privilege escalation vulnerabilities in Avast Antivirus before 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus service which could lead to the (1) arbitrary file delete, (2) write and (3) reset ...
Avast Antivirus
7.2
CVSSv2
CVE-2021-45339
Privilege escalation vulnerability in Avast Antivirus before 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast self-defense.
Avast Antivirus
7.2
CVSSv2
CVE-2021-45335
Sandbox component in Avast Antivirus before 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files.
Avast Antivirus
2.1
CVSSv2
CVE-2020-15024
An issue exists in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock Vault operation.
Avast Antivirus 20.1.5069.562
2.1
CVSSv2
CVE-2020-13657
An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free prior to 20.4 due to improperly handling hard links. The vulnerability allows local users to take control of arbitrary files.
Avast Avg Antivirus
Avast Free Antivirus
5
CVSSv2
CVE-2020-10866
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to enumerate the network interfaces and access points from a Low Integrity process via RPC.
Avast Antivirus
5
CVSSv2
CVE-2020-10868
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to launch the Repair App RPC call from a Low Integrity process.
Avast Antivirus
5
CVSSv2
CVE-2020-10865
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to make arbitrary changes to the Components section of the Stats.ini file via RPC from a Low Integrity process.
Avast Antivirus
7.5
CVSSv2
CVE-2020-10867
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to bypass intended access restrictions on tasks from an untrusted process, when Self Defense is enabled.
Avast Antivirus
5
CVSSv2
CVE-2020-10860
An issue exists in Avast Antivirus prior to 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service (AvastSvc.exe).
Avast Antivirus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »