Vulnerabilities > Avast

DATE CVE VULNERABILITY TITLE RISK
2020-09-13 CVE-2020-25289 Link Following vulnerability in Avast Secureline VPN
The VPN service in AVAST SecureLine before 5.6.4982.470 allows local users to write to arbitrary files via an Object Manager symbolic link from the log directory (which has weak permissions).
local
low complexity
avast CWE-59
2.1
2020-09-10 CVE-2020-15024 Insufficiently Protected Credentials vulnerability in Avast Antivirus 20.1.5069.562
An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562.
local
low complexity
avast CWE-522
2.1
2020-06-29 CVE-2020-13657 Improper Privilege Management vulnerability in Avast AVG Antivirus and Free Antivirus
An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links.
local
low complexity
avast CWE-269
2.1
2020-04-01 CVE-2020-10868 Incorrect Permission Assignment FOR Critical Resource vulnerability in Avast Antivirus
An issue was discovered in Avast Antivirus before 20.
network
low complexity
avast CWE-732
5.0
2020-04-01 CVE-2020-10867 Exposure of Resource TO Wrong Sphere vulnerability in Avast Antivirus
An issue was discovered in Avast Antivirus before 20.
network
low complexity
avast CWE-668
7.5
2020-04-01 CVE-2020-10866 Inadequate Encryption Strength vulnerability in Avast Antivirus
An issue was discovered in Avast Antivirus before 20.
network
low complexity
avast CWE-326
5.0
2020-04-01 CVE-2020-10865 Inclusion of Functionality From Untrusted Control Sphere vulnerability in Avast Antivirus
An issue was discovered in Avast Antivirus before 20.
network
low complexity
avast CWE-829
5.0
2020-04-01 CVE-2020-10864 Improper Input Validation vulnerability in Avast Antivirus
An issue was discovered in Avast Antivirus before 20.
network
low complexity
avast CWE-20
5.0
2020-04-01 CVE-2020-10863 Improper Input Validation vulnerability in Avast Antivirus
An issue was discovered in Avast Antivirus before 20.
network
low complexity
avast CWE-20
5.0
2020-04-01 CVE-2020-10862 Improper Privilege Management vulnerability in Avast Antivirus
An issue was discovered in Avast Antivirus before 20.
local
low complexity
avast CWE-269
4.6