CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-45335
https://notcve.org/view.php?id=CVE-2021-45335
27 Dec 2021 — Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files. El componente Sandbox en Avast Antivirus versiones anteriores a 20.4, presenta un permiso no seguro que podría ser abusado por el usuario local para controlar el resultado de los escaneos, y por lo tanto omitir la detección o borrar archivos arbitrarios del sistema • https://github.com/the-deniss/Vulnerability-Disclosures/tree/main/CVE-2021-AVST3%20%26%20CVE-2021-AVST4%20%26%20CVE-2021-AVST5 • CWE-276: Incorrect Default Permissions •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-25227 – Trend Micro Antivirus for Mac Memory Exhaustion Denial-Of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-25227
29 Jan 2021 — Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability - i.e. the attacker must already have access to the target system (either legitimately or via another exploit). Trend Micro Antivirus para Mac 2021 (Consumer) es susceptible a una vulne... • https://helpcenter.trendmicro.com/en-us/article/TMKA-10191 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-12254
https://notcve.org/view.php?id=CVE-2020-12254
26 Apr 2020 — Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink. Avira Antivirus versiones anteriores a la versión 5.0.2003.1821 en Windows, permite una escalada de privilegios o una denegación de servicio por medio del abuso de un enlace simbólico. • http://web.archive.org/web/20200429193852/https://support.avira.com/hc/en-us/articles/360000109798-Avira-Antivirus-for-Windows • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10868
https://notcve.org/view.php?id=CVE-2020-10868
01 Apr 2020 — An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to launch the Repair App RPC call from a Low Integrity process. Se detectó un problema en Avast Antivirus versiones anteriores a 20. El endpoint de aswTask RPC para la biblioteca TaskEx en el Avast Service (AvastSvc.exe) permite a atacantes iniciar la llamada Repair App RPC desde un proceso Low Integrity. • https://forum.avast.com/index.php?topic=232420.0 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10867
https://notcve.org/view.php?id=CVE-2020-10867
01 Apr 2020 — An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to bypass intended access restrictions on tasks from an untrusted process, when Self Defense is enabled. Se detectó un problema en Avast Antivirus versiones anteriores a 20. El endpoint de aswTask RPC para la biblioteca TaskEx en el Avast Service (AvastSvc.exe) permite a atacantes omitir las restricciones de acceso previstas en tareas a partir de un proce... • https://forum.avast.com/index.php?topic=232420.0 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10866
https://notcve.org/view.php?id=CVE-2020-10866
01 Apr 2020 — An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to enumerate the network interfaces and access points from a Low Integrity process via RPC. Se detectó un problema en Avast Antivirus versiones anteriores a 20. El endpoint de aswTask RPC para la biblioteca TaskEx en el Avast Service (AvastSvc.exe) permite a atacantes enumerar las interfaces de red y los puntos de acceso a partir de un proceso Low Integri... • https://forum.avast.com/index.php?topic=232420.0 • CWE-326: Inadequate Encryption Strength •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10865
https://notcve.org/view.php?id=CVE-2020-10865
01 Apr 2020 — An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to make arbitrary changes to the Components section of the Stats.ini file via RPC from a Low Integrity process. Se detectó un problema en Avast Antivirus versiones anteriores a 20. El endpoint de aswTask RPC para la biblioteca TaskEx en el Avast Service (AvastSvc.exe) permite a atacantes realizar cambios arbitrarios en la sección Components del archivo St... • https://forum.avast.com/index.php?topic=232420.0 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10864
https://notcve.org/view.php?id=CVE-2020-10864
01 Apr 2020 — An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a reboot via RPC from a Low Integrity process. Se detectó un problema en Avast Antivirus versiones anteriores a 20. El endpoint de aswTask RPC para la biblioteca TaskEx en el Avast Service (AvastSvc.exe) permite a atacantes activar un reinicio por medio de una RPC a partir de un proceso Low Integrity. • https://forum.avast.com/index.php?topic=232420.0 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10863
https://notcve.org/view.php?id=CVE-2020-10863
01 Apr 2020 — An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a shutdown via RPC from a Low Integrity process via TempShutDownMachine. Se detectó un problema en Avast Antivirus versiones anteriores a 20. El endpoint de aswTask RPC para la biblioteca TaskEx en el Avast Service (AvastSvc.exe) permite a atacantes desencadenar un apagado por medio de una RPC a partir de un proceso Low Integrity por medio de T... • https://forum.avast.com/index.php?topic=232420.0 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10862
https://notcve.org/view.php?id=CVE-2020-10862
01 Apr 2020 — An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Local Privilege Escalation (LPE) via RPC. Se detectó un problema en Avast Antivirus versiones anteriores a 20. El endpoint de aswTask RPC para la biblioteca TaskEx en el Avast Service (AvastSvc.exe) permite a atacantes lograr una Escalada de Privilegios Local (LPE) por medio de una RPC. • https://forum.avast.com/index.php?topic=232420.0 •