Vulnerabilities > Avira
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-08 | CVE-2020-12680 | Insufficiently Protected Credentials vulnerability in Avira Free Antivirus ** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. | 2.1 |
| 2020-05-05 | CVE-2020-12463 | Improper Privilege Management vulnerability in Avira Software Updater An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links. | 4.6 |
| 2020-04-26 | CVE-2020-12254 | Link Following vulnerability in Avira Antivirus Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink. | 4.6 |
| 2020-04-09 | CVE-2020-8961 | Code Injection vulnerability in Avira Free Antivirus An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. | 7.5 |
| 2020-02-20 | CVE-2020-9320 | Unrestricted Upload of File with Dangerous Type vulnerability in Avira products ** DISPUTED ** Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. | 4.3 |
| 2020-02-12 | CVE-2013-4602 | Resource Exhaustion vulnerability in Avira products A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine. | 7.1 |
| 2019-12-31 | CVE-2019-18568 | Unspecified vulnerability in Avira Free Antivirus 15.0.1907.1514 Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricted user. | 7.2 |
| 2019-10-10 | CVE-2019-17449 | Untrusted Search Path vulnerability in Avira Software Updater 2.0.6.17105/2.0.6.20377 ** DISPUTED ** Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. | 4.6 |
| 2019-08-29 | CVE-2019-11396 | Link Following vulnerability in Avira Free Security Suite and Software Updater An issue was discovered in Avira Free Security Suite 10. | 7.2 |
| 2017-07-27 | CVE-2016-10402 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Avira Antivirus 5.0.2003.1821/8.3.36.59 Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow. | 9.3 |