Avg Antivirus vulnerabilities

11 known vulnerabilities affecting avg/antivirus.

Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM6

Vulnerabilities

Page 1 of 1
CVE-2025-13032HIGHCVSS 7.8fixed in 25.32025-11-11
CVE-2025-13032 [HIGH] CWE-367 CVE-2025-13032: Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3  on windows allows local attacker Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on windows allows local attacker to escalate privelages via pool overflow.
cvelistv5nvd
CVE-2024-7234HIGHCVSS 7.8v23.9.8494.7952024-11-22
CVE-2024-7234 [HIGH] CWE-59 CVE-2024-7234: AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerabilit AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists
nvd
CVE-2024-7237HIGHCVSS 7.8v23.12.8700.8132024-11-22
CVE-2024-7237 [HIGH] CWE-59 CVE-2024-7237: AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerabilit AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists
nvd
CVE-2024-7236MEDIUMCVSS 5.5v23.12.8700.8122024-11-22
CVE-2024-7236 [MEDIUM] CWE-59 CVE-2024-7236: AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This vulnerabilit AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The s
nvd
CVE-2024-7235MEDIUMCVSS 5.5v23.11.8635.8092024-11-22
CVE-2024-7235 [MEDIUM] CWE-59 CVE-2024-7235: AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows local a AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exi
nvd
CVE-2024-9484MEDIUMCVSS 5.5fixed in 240924002024-10-04
CVE-2024-9484 [MEDIUM] CWE-476 CVE-2024-9484: An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing.
nvd
CVE-2024-9481MEDIUMCVSS 5.5fixed in 240924002024-10-04
CVE-2024-9481 [MEDIUM] CWE-787 CVE-2024-9481: An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 2 An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.
nvd
CVE-2024-9483MEDIUMCVSS 5.5fixed in 240924002024-10-04
CVE-2024-9483 [MEDIUM] CWE-476 CVE-2024-9483: A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24 A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing.
nvd
CVE-2024-9482MEDIUMCVSS 5.5fixed in 240924002024-10-04
CVE-2024-9482 [MEDIUM] CWE-787 CVE-2024-9482: An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 2 An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing.
nvd
CVE-2022-4294HIGHCVSS 7.8fixed in 22.102023-01-10
CVE-2022-4294 [HIGH] CWE-269 CVE-2022-4294: Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vuln Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
nvd
CVE-2008-5522CRITICALCVSS 9.3v8.0.0.1612008-12-12
CVE-2008-5522 [CRITICAL] CVE-2008-5522: AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass d AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exp
nvd