Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avast vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-10868
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to launch the Repair App RPC call from a Low Integrity process.
Avast Antivirus
7.5
CVSSv3
CVE-2020-10860
An issue exists in Avast Antivirus prior to 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service (AvastSvc.exe).
Avast Antivirus
7.5
CVSSv3
CVE-2020-10861
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to achieve Arbitrary File Deletion from Avast Program Path via RPC, when Self Defense is Enabled.
Avast Antivirus
7.5
CVSSv3
CVE-2020-10863
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to trigger a shutdown via RPC from a Low Integrity process via TempShutDownMachine.
Avast Antivirus
7.5
CVSSv3
CVE-2017-8308
In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense feature of the product, opening a door to subsequent attack on many of its componen...
Avast Antivirus
7.4
CVSSv3
CVE-2020-8987
Avast AntiTrack prior to 1.5.1.172 and AVG Antitrack prior to 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate. No special action necessary by the victim using An...
Avast Antitrack
Avast Avg Antitrack
1 Article
7.1
CVSSv3
CVE-2022-28964
An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows malicious users to cause a Denial of Service (DoS) via a crafted DLL file.
Avast Premium Security
7
CVSSv3
CVE-2023-5760
A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (input/output control) requests. This TOCTOU bug leads to an out-of-bounds write vulnerability which can be further exploited, allowing an malicious user to gain full local privilege escalation on the system.This is...
Avast Avg Antivirus 23.8
6.7
CVSSv3
CVE-2017-5567
Code injection vulnerability in Avast Premier 12.3 (and previous versions), Internet Security 12.3 (and previous versions), Pro Antivirus 12.3 (and previous versions), and Free Antivirus 12.3 (and previous versions) allows a local malicious user to bypass a self-protection mechan...
Avast Pro Antivirus
Avast Internet Security
Avast Free Antivirus
Avast Premier
1 Article
6.5
CVSSv3
CVE-2022-28965
Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows malicious users to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file.
Avast Premium Security
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »