Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avast vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-15024
An issue exists in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock Vault operation.
Avast Antivirus 20.1.5069.562
5.1
CVSSv2
CVE-2005-3214
Multiple interpretation error in unspecified versions of Avast Antivirus allows remote malicious users to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winr...
Alwil Avast Antivirus
9.3
CVSSv2
CVE-2008-5523
avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote malicious users to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .tx...
Avast Avast Antivirus 4.8.1281.0
4.4
CVSSv2
CVE-2022-28965
Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows malicious users to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file.
Avast Premium Security
5.4
CVSSv2
CVE-2022-28964
An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows malicious users to cause a Denial of Service (DoS) via a crafted DLL file.
Avast Premium Security
NA
CVE-2022-4291
The aswjsflt.dll library from Avast Antivirus windows contained a potentially exploitable heap corruption vulnerability that could enable an malicious user to bypass the sandbox of the application it was loaded into, if applicable. This issue was fixed in version 18.0.1478 of the...
Avast Script Shield
7.2
CVSSv2
CVE-2006-1355
avast! Antivirus 4.6.763 and previous versions sets "BUILTIN\Everyone" permissions to critical system files in the installation folder, which allows local users to gain privileges or disable protection by modifying those files.
Alwil Avast Antivirus
2.1
CVSSv2
CVE-2020-25289
The VPN service in AVAST SecureLine prior to 5.6.4982.470 allows local users to write to arbitrary files via an Object Manager symbolic link from the log directory (which has weak permissions).
Avast Secureline Vpn
7.5
CVSSv2
CVE-2020-23907
An issue exists in retdec v3.3. In function canSplitFunctionOn() of ir_modifications.cpp, there is a possible out of bounds read due to a heap buffer overflow. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution.
Avast Retdec 3.3
4.3
CVSSv2
CVE-2019-18653
A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an malicious user to execute JavaScript code via an SSID Name.
Avast Antivirus 19.3.2369
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »