Vulnerabilities > Avira

DATE CVE VULNERABILITY TITLE RISK
2022-04-12 CVE-2022-28795 Unspecified vulnerability in Avira Password Manager
A vulnerability within the Avira Password Manager Browser Extensions provided a potential loophole where, if a user visited a page crafted by an attacker, the discovered vulnerability could trigger the Password Manager Extension to fill in the password field automatically.
network
avira
4.3
2020-05-08 CVE-2020-12680 Insufficiently Protected Credentials vulnerability in Avira Free Antivirus
** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials.
local
low complexity
avira CWE-522
2.1
2020-05-05 CVE-2020-12463 Improper Privilege Management vulnerability in Avira Software Updater
An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links.
local
low complexity
avira CWE-269
4.6
2020-04-26 CVE-2020-12254 Link Following vulnerability in Avira Antivirus
Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink.
local
low complexity
avira CWE-59
4.6
2020-04-09 CVE-2020-8961 Code Injection vulnerability in Avira Free Antivirus
An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825.
network
low complexity
avira CWE-94
7.5
2020-02-20 CVE-2020-9320 Unrestricted Upload of File with Dangerous Type vulnerability in Avira products
** DISPUTED ** Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive.
network
avira CWE-434
4.3
2020-02-12 CVE-2013-4602 Resource Exhaustion vulnerability in Avira products
A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine.
network
avira CWE-400
7.1
2019-12-31 CVE-2019-18568 Unspecified vulnerability in Avira Free Antivirus 15.0.1907.1514
Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricted user.
local
low complexity
avira
7.2
2019-10-10 CVE-2019-17449 Untrusted Search Path vulnerability in Avira Software Updater 2.0.6.17105/2.0.6.20377
** DISPUTED ** Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack.
local
low complexity
avira CWE-426
4.6
2019-08-29 CVE-2019-11396 Link Following vulnerability in Avira Free Security Suite and Software Updater
An issue was discovered in Avira Free Security Suite 10.
local
low complexity
avira microsoft CWE-59
7.2