Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avast vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-2845
Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client prior to 4.7.700 allows user-assisted remote malicious users to execute arbitrary code via a crafted CAB archive, resulting from an "integer cast around".
Avast Avast Antivirus
7.8
CVSSv2
CVE-2007-1672
avast! antivirus prior to 4.7.981 allows remote malicious users to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
Avast Avast Antivirus
6.4
CVSSv2
CVE-2015-5662
Directory traversal vulnerability in Avast prior to 150918-0 allows remote malicious users to delete or write to arbitrary files via a crafted entry in a ZIP archive.
Avast Avast Antivirus
9.3
CVSSv2
CVE-2010-3126
Untrusted search path vulnerability in avast! Free Antivirus version 5.0.594 and previous versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc90loc.dll that is located in the same folder as ...
Avast Avast Antivirus Free
1 EDB exploit
6.2
CVSSv2
CVE-2010-5151
Race condition in avast! Internet Security 5.0.462 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory cha...
Avast\\! Avast\\! Internet Security 5.0.462
1.9
CVSSv2
CVE-2013-0122
The avast! Mobile Security application prior to 2.0.4400 for Android allows malicious users to cause a denial of service (application crash) via a crafted application that sends an intent to com.avast.android.mobilesecurity.app.scanner.DeleteFileActivity with zero arguments.
Avast Avast\\! Mobile Security
4.3
CVSSv2
CVE-2020-9399
The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects versions prior to 12 definitions 200114-0 of Antivirus Pro, Antivirus Pro Plus, and Antivirus for Linux.
Avast Antivirus For Linux
Avast Antivirus Pro
Avast Antivirus Pro Plus
5.8
CVSSv2
CVE-2020-8987
Avast AntiTrack prior to 1.5.1.172 and AVG Antitrack prior to 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate. No special action necessary by the victim using An...
Avast Antitrack
Avast Avg Antitrack
1 Article
2.1
CVSSv2
CVE-2010-5075
Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.
Avast\\! Avast\\! Internet Security 5.0
1 EDB exploit
2.1
CVSSv2
CVE-2020-13657
An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free prior to 20.4 due to improperly handling hard links. The vulnerability allows local users to take control of arbitrary files.
Avast Avg Antivirus
Avast Free Antivirus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »