Vulnerabilities > Avast > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-27 | CVE-2019-17190 | Incorrect Authorization vulnerability in Avast Secure Browser 76.0.1659.101 A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. | 7.8 |
| 2017-04-27 | CVE-2017-8307 | Arbitrary File Deletion vulnerability in Avast! Antivirus In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. | 7.5 |
| 2017-03-21 | CVE-2017-5567 | Uncontrolled Search Path Element vulnerability in Avast products Code injection vulnerability in Avast Premier 12.3 (and earlier), Internet Security 12.3 (and earlier), Pro Antivirus 12.3 (and earlier), and Free Antivirus 12.3 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avast process via a "DoubleAgent" attack. | 7.2 |
| 2016-04-13 | CVE-2015-8620 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Avast products Heap-based buffer overflow in the Avast virtualization driver (aswSnx.sys) in Avast Internet Security, Pro Antivirus, Premier, and Free Antivirus before 11.1.2253 allows local users to gain privileges via a Unicode file path in an IOCTL request. | 7.2 |
| 2010-02-25 | CVE-2010-0705 | Improper Input Validation vulnerability in Avast Antivirus Home and Avast Antivirus Professional Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption. | 7.2 |
| 2009-11-23 | CVE-2009-4049 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Avast Antivirus Home and Avast Antivirus Professional Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024. | 7.2 |
| 2009-10-01 | CVE-2009-3524 | Unspecified vulnerability in Avast Antivirus Home and Avast Antivirus Professional Unspecified vulnerability in ashWsFtr.dll in avast! Home and Professional for Windows before 4.8.1356 has unknown impact and local attack vectors. | 7.2 |
| 2009-10-01 | CVE-2009-3522 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Avast Antivirus Home and Avast Antivirus Professional Stack-based buffer overflow in aswMon2.sys in avast! Home and Professional for Windows 4.8.1351, and possibly other versions before 4.8.1356, allows local users to cause a denial of service (system crash) and possibly gain privileges via a crafted IOCTL request to IOCTL 0xb2c80018. | 7.2 |
| 2007-05-09 | CVE-2007-1673 | Resource Management Errors vulnerability in multiple products unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. network low complexity amavis avast avira panda picozip rahul-dhesi unzoo winace barracuda-networks CWE-399 | 7.8 |
| 2007-05-09 | CVE-2007-1672 | Remote Denial of Service vulnerability in Multiple Vendors Zoo Compression Algorithm avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. | 7.8 |