Vulnerabilities > Avira
|2023-01-10||CVE-2022-4294||Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.|| 7.8 |
|2023-01-10||CVE-2022-4429|| Unquoted Search Path or Element vulnerability in Avira Security 188.8.131.52554 |
Avira Security for Windows contains an unquoted service path which allows attackers with local administrative privileges to cause a Denial of Service.
| 4.4 |
|2022-10-17||CVE-2022-3368|| Improper Privilege Management vulnerability in Avira Security 184.108.40.206554 |
A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios.
| 8.8 |
|2022-04-12||CVE-2022-28795|| Unspecified vulnerability in Avira Password Manager |
A vulnerability within the Avira Password Manager Browser Extensions provided a potential loophole where, if a user visited a page crafted by an attacker, the discovered vulnerability could trigger the Password Manager Extension to fill in the password field automatically.
| 4.3 |
|2020-05-08||CVE-2020-12680|| Insufficiently Protected Credentials vulnerability in Avira Free Antivirus |
** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials.
| 2.1 |
|2020-05-05||CVE-2020-12463|| Improper Privilege Management vulnerability in Avira Software Updater |
An elevation of privilege vulnerability exists in Avira Software Updater before 220.127.116.11476 due to improperly handling file hard links.
| 4.6 |
|2020-04-26||CVE-2020-12254|| Link Following vulnerability in Avira Antivirus |
Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink.
| 4.6 |
|2020-04-09||CVE-2020-8961|| Code Injection vulnerability in Avira Free Antivirus |
An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825.
| 7.5 |
|2020-02-20||CVE-2020-9320|| Unrestricted Upload of File with Dangerous Type vulnerability in Avira products |
** DISPUTED ** Avira AV Engine before 18.104.22.168 allows virus-detection bypass via a crafted ISO archive.
| 4.3 |
|2020-02-12||CVE-2013-4602|| Resource Exhaustion vulnerability in Avira products |
A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 22.214.171.124 via an unspecified function in the PDF Scanner Engine.
| 7.1 |