CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10863
https://notcve.org/view.php?id=CVE-2020-10863
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a shutdown via RPC from a Low Integrity process via TempShutDownMachine. Se detectó un problema en Avast Antivirus versiones anteriores a 20. El endpoint de aswTask RPC para la biblioteca TaskEx en el Avast Service (AvastSvc.exe) permite a atacantes desencadenar un apagado por medio de una RPC a partir de un proceso Low Integrity por medio de TempShutDownMachine. • https://forum.avast.com/index.php?topic=232420.0 https://forum.avast.com/index.php?topic=232423.0 https://github.com/umarfarook882/Avast_Multiple_Vulnerability_Disclosure/blob/master/README.md •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10862
https://notcve.org/view.php?id=CVE-2020-10862
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Local Privilege Escalation (LPE) via RPC. Se detectó un problema en Avast Antivirus versiones anteriores a 20. El endpoint de aswTask RPC para la biblioteca TaskEx en el Avast Service (AvastSvc.exe) permite a atacantes lograr una Escalada de Privilegios Local (LPE) por medio de una RPC. • https://forum.avast.com/index.php?topic=232420.0 https://forum.avast.com/index.php?topic=232423.0 https://github.com/umarfarook882/Avast_Multiple_Vulnerability_Disclosure/blob/master/README.md •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10861
https://notcve.org/view.php?id=CVE-2020-10861
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Arbitrary File Deletion from Avast Program Path via RPC, when Self Defense is Enabled. Se detectó un problema en Avast Antivirus versiones anteriores a 20. El endpoint de aswTask RPC para la biblioteca TaskEx en el Avast Service (AvastSvc.exe) permite a atacantes lograr una Eliminación de Archivos Arbitrarios de Avast Program Path por medio de una RPC, cuando Self Defense está Habilitada. • https://forum.avast.com/index.php?topic=232420.0 https://forum.avast.com/index.php?topic=232423.0 https://github.com/umarfarook882/Avast_Multiple_Vulnerability_Disclosure/blob/master/README.md •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10860
https://notcve.org/view.php?id=CVE-2020-10860
An issue was discovered in Avast Antivirus before 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service (AvastSvc.exe). Se detectó un problema en Avast Antivirus versiones anteriores a 20. Una vulnerabilidad de Sobrescritura de Dirección de Memoria Arbitraria en la aswAvLog Log Library que resulta en una Denegación de Servicio del Avast Service (AvastSvc.exe). • https://forum.avast.com/index.php?topic=232420.0 https://forum.avast.com/index.php?topic=232423.0 https://github.com/umarfarook882/Avast_Multiple_Vulnerability_Disclosure/blob/master/README.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8093 – Code Injection into Bitdefender AV for Mac
https://notcve.org/view.php?id=CVE-2020-8093
A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution Una vulnerabilidad en el binario AntivirusforMac como es usado en Bitdefender Antivirus para Mac, le permite a un atacante inyectar una biblioteca usando la variable de entorno DYLD para causar una ejecución de código de terceros. • https://www.bitdefender.com/support/security-advisories/code-injection-into-bitdefender-antivirus-for-mac-va-3441 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-264: Permissions, Privileges, and Access Controls •