Vulnerabilities > Avira > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-19 | CVE-2023-1900 | Integer Overflow or Wraparound vulnerability in Avira Antivirus A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. | 5.5 |
| 2023-01-10 | CVE-2022-4429 | Unquoted Search Path or Element vulnerability in Avira Security 1.1.71.30554 Avira Security for Windows contains an unquoted service path which allows attackers with local administrative privileges to cause a Denial of Service. The issue was fixed with Avira Security version 1.1.78 | 4.4 |
| 2022-04-12 | CVE-2022-28795 | Unspecified vulnerability in Avira Password Manager A vulnerability within the Avira Password Manager Browser Extensions provided a potential loophole where, if a user visited a page crafted by an attacker, the discovered vulnerability could trigger the Password Manager Extension to fill in the password field automatically. | 6.5 |
| 2020-05-08 | CVE-2020-12680 | Unspecified vulnerability in Avira Free Antivirus Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. | 5.5 |
| 2020-02-20 | CVE-2020-9320 | Unrestricted Upload of File with Dangerous Type vulnerability in Avira products Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. | 5.5 |
| 2020-02-12 | CVE-2013-4602 | Resource Exhaustion vulnerability in Avira products A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine. | 5.5 |
| 2019-10-10 | CVE-2019-17449 | Untrusted Search Path vulnerability in Avira Software Updater 2.0.6.13175/2.0.6.17105/2.0.6.20377 Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. | 6.7 |
| 2017-03-21 | CVE-2017-6417 | Uncontrolled Search Path Element vulnerability in Avira products Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avira process via a "DoubleAgent" attack. | 6.7 |