Vulnerabilities > Avira
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-20 | CVE-2020-9320 | Unrestricted Upload of File with Dangerous Type vulnerability in Avira products Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. | 5.5 |
| 2020-02-12 | CVE-2013-4602 | Resource Exhaustion vulnerability in Avira products A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine. | 5.5 |
| 2019-12-31 | CVE-2019-18568 | Unspecified vulnerability in Avira Free Antivirus 15.0.1907.1514 Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricted user. | 8.8 |
| 2019-10-10 | CVE-2019-17449 | Untrusted Search Path vulnerability in Avira Software Updater 2.0.6.13175/2.0.6.17105/2.0.6.20377 Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. | 6.7 |
| 2019-08-29 | CVE-2019-11396 | Link Following vulnerability in Avira Free Security Suite and Software Updater An issue was discovered in Avira Free Security Suite 10. | 7.8 |
| 2017-07-27 | CVE-2016-10402 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Avira Antivirus 1.0.2303.633/5.0.2003.1821/8.3.36.59 Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow. | 7.8 |
| 2017-06-15 | CVE-2015-7732 | Information Exposure vulnerability in Avira Mobile Security 1.5.7 The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext. | 7.5 |
| 2017-03-21 | CVE-2017-6417 | Uncontrolled Search Path Element vulnerability in Avira products Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avira process via a "DoubleAgent" attack. | 6.7 |