CVE-2024-6510 – Local privilege escalation vulnerability in AVG Internet Security
https://notcve.org/view.php?id=CVE-2024-6510
Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking. • https://www.cirosec.de/sa/sa-2023-008 • CWE-427: Uncontrolled Search Path Element CWE-732: Incorrect Permission Assignment for Critical Resource CWE-749: Exposed Dangerous Method or Function •
CVE-2023-1587
https://notcve.org/view.php?id=CVE-2023-1587
Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11 • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-476: NULL Pointer Dereference •
CVE-2023-1586
https://notcve.org/view.php?id=CVE-2023-1586
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11 • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2023-1585
https://notcve.org/view.php?id=CVE-2023-1585
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG Antivirus version 22.11 and virus definitions from 14 February 2023 or later. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2022-4294 – Norton, Avira, Avast and AVG Antivirus for Windows Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-4294
Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-269: Improper Privilege Management •