Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avast avast antivirus vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-45335
Sandbox component in Avast Antivirus before 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files.
Avast Antivirus
8.8
CVSSv3
CVE-2021-45336
Privilege escalation vulnerability in the Sandbox component of Avast Antivirus before 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox and acquire SYSTEM privileges.
Avast Antivirus
7.8
CVSSv3
CVE-2021-45339
Privilege escalation vulnerability in Avast Antivirus before 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast self-defense.
Avast Antivirus
7.8
CVSSv3
CVE-2021-45338
Multiple privilege escalation vulnerabilities in Avast Antivirus before 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus service which could lead to the (1) arbitrary file delete, (2) write and (3) reset ...
Avast Antivirus
NA
CVE-2005-3214
Multiple interpretation error in unspecified versions of Avast Antivirus allows remote malicious users to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winr...
Alwil Avast Antivirus
6.1
CVSSv3
CVE-2019-18653
A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an malicious user to execute JavaScript code via an SSID Name.
Avast Antivirus 19.3.2369
5.5
CVSSv3
CVE-2020-15024
An issue exists in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock Vault operation.
Avast Antivirus 20.1.5069.562
7.8
CVSSv3
CVE-2018-12572
Avast Free Antivirus before 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.
Avast Free Antivirus
NA
CVE-2006-1355
avast! Antivirus 4.6.763 and previous versions sets "BUILTIN\Everyone" permissions to critical system files in the installation folder, which allows local users to gain privileges or disable protection by modifying those files.
Alwil Avast Antivirus
NA
CVE-2006-1892
avast! 4 Linux Home Edition 1.0.5 allows local users to modify permissions of arbitrary files via a symlink attack on the /tmp/_avast4_ temporary directory.
Alwil Avast Antivirus 1.0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »