Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avast vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2384
Directory traversal vulnerability in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote malicious users to write arbitrary files via an ACE archive containing filenames with (1) ...
Alwil Avast Antivirus 4.6.665
Alwil Avast Antivirus 4.6.460
NA
CVE-2005-2385
Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote malicious users to execute arbitrary code via an ACE archive containing a long filename.
Alwil Avast Antivirus 4.6.665
Alwil Avast Antivirus 4.6.460
7.5
CVSSv3
CVE-2020-10865
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to make arbitrary changes to the Components section of the Stats.ini file via RPC from a Low Integrity process.
Avast Antivirus
5.5
CVSSv3
CVE-2020-20118
Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local malicious user to cause a denial of service via a crafted request to the aswSnx.sys driver.
Avast Antivirus
9.8
CVSSv3
CVE-2017-8307
In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulnerability is exploitable by any unprivileged user when Avast Self-Defense is disabl...
Avast Antivirus
8.8
CVSSv3
CVE-2021-45335
Sandbox component in Avast Antivirus before 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files.
Avast Antivirus
8.8
CVSSv3
CVE-2021-45336
Privilege escalation vulnerability in the Sandbox component of Avast Antivirus before 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox and acquire SYSTEM privileges.
Avast Antivirus
7.8
CVSSv3
CVE-2021-45339
Privilege escalation vulnerability in Avast Antivirus before 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast self-defense.
Avast Antivirus
7.5
CVSSv3
CVE-2017-8308
In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense feature of the product, opening a door to subsequent attack on many of its componen...
Avast Antivirus
7.5
CVSSv3
CVE-2020-10860
An issue exists in Avast Antivirus prior to 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service (AvastSvc.exe).
Avast Antivirus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »