Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avast avast vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-10864
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to trigger a reboot via RPC from a Low Integrity process.
Avast Antivirus
5.8
CVSSv2
CVE-2020-8987
Avast AntiTrack prior to 1.5.1.172 and AVG Antitrack prior to 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate. No special action necessary by the victim using An...
Avast Antitrack
Avast Avg Antitrack
1 Article
4.3
CVSSv2
CVE-2020-9399
The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects versions prior to 12 definitions 200114-0 of Antivirus Pro, Antivirus Pro Plus, and Antivirus for Linux.
Avast Antivirus For Linux
Avast Antivirus Pro
Avast Antivirus Pro Plus
7.2
CVSSv2
CVE-2019-17190
A Local Privilege Escalation issue exists in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe (which is running as NT AUTHORITY\SYSTEM) when AvastSecureBrowser.exe checks for new updates. When the update check is tr...
Avast Secure Browser 76.0.1659.101
4.3
CVSSv2
CVE-2019-18893
XSS in the Video Downloader component prior to 1.5 of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77 allows websites to execute their code in the context of this component. While Video Downloader is technically a browser extension, it is granted a very wide...
Avast Secure Browser 77.1.1831.91
Avg Secure Browser 77.0.1790.77
Video Downloader Project Video Downloader
9.3
CVSSv2
CVE-2019-18894
In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges...
Avast Premium Security 19.8.2393
4.3
CVSSv2
CVE-2019-18653
A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an malicious user to execute JavaScript code via an SSID Name.
Avast Antivirus 19.3.2369
4.4
CVSSv2
CVE-2019-17093
An issue exists in Avast antivirus prior to 19.8 and AVG antivirus prior to 19.8. A DLL Preloading vulnerability allows an malicious user to implant %WINDIR%\system32\wbemcomn.dll, which is loaded into a protected-light process (PPL) and might bypass some of the self-defense mech...
Avg Anti-virus
Avast Antivirus
3.6
CVSSv2
CVE-2019-11230
In Avast Antivirus prior to 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be ...
Avast Antivirus
2.1
CVSSv2
CVE-2018-12572
Avast Free Antivirus before 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.
Avast Free Antivirus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »