Vulnerabilities > Avast > Premium Security
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-20 | CVE-2022-28964 | Untrusted Search Path vulnerability in Avast Premium Security 19.8.2393/20.8.2429 An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file. | 7.1 |
| 2022-05-20 | CVE-2022-28965 | Uncontrolled Search Path Element vulnerability in Avast Premium Security 19.8.2393/20.8.2429 Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file. | 6.5 |
| 2021-03-29 | CVE-2021-27241 | Link Following vulnerability in Avast Premium Security 20.8.2429 This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). | 6.1 |
| 2020-01-13 | CVE-2019-18894 | OS Command Injection vulnerability in Avast Premium Security 19.8.2393 In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. | 7.8 |