Vulnerabilities > Avira > High

DATE CVE VULNERABILITY TITLE RISK
2023-08-09 CVE-2023-36673 Cleartext Transmission of Sensitive Information vulnerability in Avira Phantom VPN 2.23.1
An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS.
low complexity
avira CWE-319
7.3
2023-01-10 CVE-2022-4294 Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
local
low complexity
avira norton avast avg
7.8
2022-10-17 CVE-2022-3368 Unspecified vulnerability in Avira Security 1.1.71.30554
A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios.
network
low complexity
avira
8.8
2020-05-05 CVE-2020-12463 Unspecified vulnerability in Avira Software Updater
An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links.
local
low complexity
avira
7.8
2020-04-26 CVE-2020-12254 Link Following vulnerability in Avira Antivirus 1.0.2303.633
Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink.
local
low complexity
avira CWE-59
7.8
2019-12-31 CVE-2019-18568 Unspecified vulnerability in Avira Free Antivirus 15.0.1907.1514
Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricted user.
local
low complexity
avira
8.8
2019-08-29 CVE-2019-11396 Link Following vulnerability in Avira Free Security Suite and Software Updater
An issue was discovered in Avira Free Security Suite 10.
local
low complexity
avira CWE-59
7.8
2017-07-27 CVE-2016-10402 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Avira Antivirus 1.0.2303.633/5.0.2003.1821/8.3.36.59
Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow.
local
low complexity
avira CWE-119
7.8
2017-06-15 CVE-2015-7732 Information Exposure vulnerability in Avira Mobile Security 1.5.7
The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext.
network
low complexity
avira CWE-200
7.5