Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avast antivirus vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-8308
In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense feature of the product, opening a door to subsequent attack on many of its componen...
Avast Antivirus
6.5
CVSSv3
CVE-2020-10864
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to trigger a reboot via RPC from a Low Integrity process.
Avast Antivirus
7.5
CVSSv3
CVE-2020-10865
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to make arbitrary changes to the Components section of the Stats.ini file via RPC from a Low Integrity process.
Avast Antivirus
9.8
CVSSv3
CVE-2020-10867
An issue exists in Avast Antivirus prior to 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows malicious users to bypass intended access restrictions on tasks from an untrusted process, when Self Defense is enabled.
Avast Antivirus
NA
CVE-2005-3214
Multiple interpretation error in unspecified versions of Avast Antivirus allows remote malicious users to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winr...
Alwil Avast Antivirus
6.1
CVSSv3
CVE-2019-18653
A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an malicious user to execute JavaScript code via an SSID Name.
Avast Antivirus 19.3.2369
7.8
CVSSv3
CVE-2018-12572
Avast Free Antivirus before 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.
Avast Free Antivirus
NA
CVE-2006-1355
avast! Antivirus 4.6.763 and previous versions sets "BUILTIN\Everyone" permissions to critical system files in the installation folder, which allows local users to gain privileges or disable protection by modifying those files.
Alwil Avast Antivirus
5.5
CVSSv3
CVE-2020-15024
An issue exists in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock Vault operation.
Avast Antivirus 20.1.5069.562
7
CVSSv3
CVE-2023-5760
A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (input/output control) requests. This TOCTOU bug leads to an out-of-bounds write vulnerability which can be further exploited, allowing an malicious user to gain full local privilege escalation on the system.This is...
Avast Avg Antivirus 23.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »