Vulnerabilities > Avast
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-27 | CVE-2021-45336 | Unspecified vulnerability in Avast Antivirus Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox and acquire SYSTEM privileges. | 7.2 |
| 2021-12-27 | CVE-2021-45337 | Unspecified vulnerability in Avast Antivirus Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by "hollowing" process wsc_proxy.exe which could lead to acquire antimalware (AM-PPL) protection. | 7.2 |
| 2021-12-27 | CVE-2021-45338 | Unspecified vulnerability in Avast Antivirus Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus service which could lead to the (1) arbitrary file delete, (2) write and (3) reset security. | 7.2 |
| 2021-12-27 | CVE-2021-45339 | Incorrect Authorization vulnerability in Avast Antivirus Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast self-defense. | 7.2 |
| 2021-04-21 | CVE-2020-23907 | Out-of-bounds Write vulnerability in Avast Retdec 3.3 An issue was discovered in retdec v3.3. | 7.5 |
| 2021-03-29 | CVE-2021-27241 | Link Following vulnerability in Avast Premium Security 20.8.2429 This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). | 3.6 |
| 2020-09-13 | CVE-2020-25289 | Link Following vulnerability in Avast Secureline VPN The VPN service in AVAST SecureLine before 5.6.4982.470 allows local users to write to arbitrary files via an Object Manager symbolic link from the log directory (which has weak permissions). | 2.1 |
| 2020-09-10 | CVE-2020-15024 | Incomplete Cleanup vulnerability in Avast Antivirus 20.1.5069.562 An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. | 5.5 |
| 2020-06-29 | CVE-2020-13657 | Improper Privilege Management vulnerability in Avast AVG Antivirus and Free Antivirus An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. | 2.1 |
| 2020-04-01 | CVE-2020-10868 | Incorrect Permission Assignment for Critical Resource vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 5.0 |