Vulnerabilities > Avast > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-22 CVE-2024-7227 Unspecified vulnerability in Avast Free Antivirus 23.9.6082
Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability.
local
low complexity
avast
7.8
2024-11-22 CVE-2024-7229 Unspecified vulnerability in Avast Cleanup Premium 23.4
Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability.
local
low complexity
avast
7.8
2024-11-22 CVE-2024-7230 Unspecified vulnerability in Avast Cleanup Premium 23.4
Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability.
local
low complexity
avast
7.8
2024-11-22 CVE-2024-7231 Unspecified vulnerability in Avast Cleanup Premium 23.4
Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability.
local
low complexity
avast
7.8
2024-11-22 CVE-2024-7232 Unspecified vulnerability in Avast Free Antivirus 23.12.6094
Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability.
local
low complexity
avast
7.8
2024-06-10 CVE-2024-5102 Link Following vulnerability in Avast Antivirus
A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists within the "Repair" (settings -> troubleshooting -> repair) feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM.
local
high complexity
avast CWE-59
7.0
2023-11-08 CVE-2023-5760 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Avast AVG Antivirus 23.8
A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (input/output control) requests.
local
high complexity
avast CWE-367
7.0
2023-01-10 CVE-2022-4294 Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
local
low complexity
avira norton avast avg
7.8
2022-12-06 CVE-2022-4173 Improper Privilege Management vulnerability in Avast and AVG Antivirus
A vulnerability within the malware removal functionality of Avast and AVG Antivirus allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios.
network
low complexity
avast CWE-269
8.8
2022-05-20 CVE-2022-28964 Untrusted Search Path vulnerability in Avast Premium Security 19.8.2393/20.8.2429
An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file.
local
low complexity
avast CWE-426
7.1