Vulnerabilities > Avast > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-11 | CVE-2020-20118 | Classic Buffer Overflow vulnerability in Avast Antivirus Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver. | 5.5 |
| 2023-04-19 | CVE-2023-1585 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. | 6.3 |
| 2023-04-19 | CVE-2023-1586 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. | 4.7 |
| 2022-05-20 | CVE-2022-28964 | Untrusted Search Path vulnerability in Avast Premium Security 19.8.2393/20.8.2429 An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file. | 5.4 |
| 2022-05-20 | CVE-2022-28965 | Uncontrolled Search Path Element vulnerability in Avast Premium Security 19.8.2393/20.8.2429 Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file. | 6.5 |
| 2020-09-10 | CVE-2020-15024 | Incomplete Cleanup vulnerability in Avast Antivirus 20.1.5069.562 An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. | 5.5 |
| 2020-04-01 | CVE-2020-10868 | Incorrect Permission Assignment for Critical Resource vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 5.0 |
| 2020-04-01 | CVE-2020-10866 | Inadequate Encryption Strength vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 5.0 |
| 2020-04-01 | CVE-2020-10865 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 5.0 |
| 2020-04-01 | CVE-2020-10864 | Improper Input Validation vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 5.0 |