Vulnerabilities > AVG
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-04 | CVE-2024-9481 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing. | 5.5 |
| 2024-10-04 | CVE-2024-9482 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing. | 5.5 |
| 2024-10-04 | CVE-2024-9483 | NULL Pointer Dereference vulnerability in multiple products A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing. | 5.5 |
| 2024-10-04 | CVE-2024-9484 | NULL Pointer Dereference vulnerability in multiple products An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing. | 5.5 |
| 2024-09-12 | CVE-2024-6510 | Uncontrolled Search Path Element vulnerability in AVG Internet Security Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking. | 7.8 |
| 2023-04-19 | CVE-2023-1585 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. | 6.3 |
| 2023-04-19 | CVE-2023-1586 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. | 4.7 |
| 2023-01-10 | CVE-2022-4294 | Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 7.8 |
| 2020-01-13 | CVE-2019-18893 | Cross-site Scripting vulnerability in multiple products XSS in the Video Downloader component before 1.5 of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77 allows websites to execute their code in the context of this component. | 4.3 |
| 2019-11-01 | CVE-2019-18654 | Cross-site Scripting vulnerability in AVG Anti-Virus 19.3.3084 A Cross Site Scripting (XSS) issue exists in AVG AntiVirus (Internet Security Edition) 19.3.3084 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name. | 6.1 |