CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-4429 – Avira Security for Windows - Denial of Service
https://notcve.org/view.php?id=CVE-2022-4429
10 Jan 2023 — Avira Security for Windows contains an unquoted service path which allows attackers with local administrative privileges to cause a Denial of Service. The issue was fixed with Avira Security version 1.1.78 Avira Security for Windows contains an unquoted service path which allows attackers with local administrative privileges to cause a Denial of Service. The issue was fixed with Avira Security version 1.1.78 • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-428: Unquoted Search Path or Element •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-4294 – Norton, Avira, Avast and AVG Antivirus for Windows Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-4294
10 Jan 2023 — Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-269: Improper Privilege Management •
CVSS: 9.0EPSS: 3%CPEs: 1EXPL: 2CVE-2022-3368 – Software Updater of Avira Security for Windows vulnerable to Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-3368
17 Oct 2022 — A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avira Security version 1.1.72.30556. Una vulnerabilidad en la funcionalidad Software Updater de Avira Security for Windows permitía a un atacante con acceso de escritura al sistema de archivos escalar sus privilegios en determinados escenarios. El problema ha sido corregido con Avira Security... • https://github.com/Wh04m1001/CVE-2022-3368 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-9320 – AVIRA Generic Malformed Container Bypass
https://notcve.org/view.php?id=CVE-2020-9320
20 Feb 2020 — Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security (Gateway), Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and Cross Platform Anti-malware SDK. NOTE: Vendor asserts that vulnerability does not exist in product ** EN DISPUTA ** Avira AV Engine versiones anteriores a 8.3.54.138, permite omitir la detección de virus por medio ... • http://packetstormsecurity.com/files/156472/AVIRA-Generic-Malformed-Container-Bypass.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7732
https://notcve.org/view.php?id=CVE-2015-7732
15 Jun 2017 — The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext. La aplicación Avira Mobile Security anterior a la versión 1.5.11 para iOS, envía información de inicio de sesión en texto claro. • https://www.info-sec.ca/advisories/Avira-Mobile-Security.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •