Vulnerabilities > Avira > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-09 | CVE-2023-36673 | Cleartext Transmission of Sensitive Information vulnerability in Avira Phantom VPN 2.23.1 An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. | 7.3 |
| 2023-01-10 | CVE-2022-4294 | Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 7.8 |
| 2022-10-17 | CVE-2022-3368 | Unspecified vulnerability in Avira Security 1.1.71.30554 A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. | 8.8 |
| 2020-04-09 | CVE-2020-8961 | Code Injection vulnerability in Avira Free Antivirus An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. | 7.5 |
| 2020-02-12 | CVE-2013-4602 | Resource Exhaustion vulnerability in Avira products A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine. | 7.1 |
| 2019-12-31 | CVE-2019-18568 | Unspecified vulnerability in Avira Free Antivirus 15.0.1907.1514 Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricted user. | 7.2 |
| 2019-08-29 | CVE-2019-11396 | Link Following vulnerability in Avira Free Security Suite and Software Updater An issue was discovered in Avira Free Security Suite 10. | 7.2 |
| 2017-03-21 | CVE-2017-6417 | Uncontrolled Search Path Element vulnerability in Avira products Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avira process via a "DoubleAgent" attack. | 7.2 |
| 2009-08-13 | CVE-2009-2761 | Local Security vulnerability in Antivir Security Suite Unquoted Windows search path vulnerability in the scheduler (sched.exe) in Avira AntiVir, AntiVir Premium, Premium Security Suite, and AntiVir Professional might allow local users to gain privileges via a malicious antivir.exe file in the "C:\Program Files\avira\" directory. | 7.2 |
| 2009-08-13 | CVE-2008-6962 | Improper Input Validation vulnerability in Avira products Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer. | 7.2 |