CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9484
https://notcve.org/view.php?id=CVE-2024-9484
04 Oct 2024 — An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9483 – Uninitialized variable in digital signiture verification may crash the application
https://notcve.org/view.php?id=CVE-2024-9483
04 Oct 2024 — A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9482 – Out of Bounds write on scan of malformed Mach-O file may crash the application
https://notcve.org/view.php?id=CVE-2024-9482
04 Oct 2024 — An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9481 – Out of Bounds write on scan of malformed eml file may crash the application
https://notcve.org/view.php?id=CVE-2024-9481
04 Oct 2024 — An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7232 – Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7232
29 Jul 2024 — Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. • https://www.zerodayinitiative.com/advisories/ZDI-24-1004 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7227 – Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7227
29 Jul 2024 — Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Service. By creating a symbolic link, an attacker can abuse the service to delete a file. • https://www.zerodayinitiative.com/advisories/ZDI-24-1003 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7230 – Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7230
29 Jul 2024 — Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Cleanup Service. By creating a symbolic link, an attacker can abuse the service to delete a file. • https://www.zerodayinitiative.com/advisories/ZDI-24-1000 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7229 – Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7229
29 Jul 2024 — Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Cleanup Service. By creating a symbolic link, an attacker can abuse the service to delete a file. • https://www.zerodayinitiative.com/advisories/ZDI-24-1002 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7231 – Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7231
29 Jul 2024 — Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Cleanup Service. By creating a symbolic link, an attacker can abuse the service to delete a file. • https://www.zerodayinitiative.com/advisories/ZDI-24-1001 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7233 – Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7233
29 Jul 2024 — Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. • https://www.zerodayinitiative.com/advisories/ZDI-24-1005 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •