Skip to main content

Antivirus

117 CVEs product

Monthly

CVE-2025-3500 CRITICAL PATCH Act Now

Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privilege Escalation.This issue affects Antivirus: from 25.1.981.6 before 25.3.

Privilege Escalation Integer Overflow Microsoft Antivirus Windows
NVD
CVSS 3.1
9.0
EPSS
0.0%
CVE-2025-13032 CRITICAL This Week

Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on windows allows local attacker to escalate privelages via pool overflow. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Antivirus Windows
NVD
CVSS 3.1
9.9
EPSS
0.0%
CVE-2024-7237 HIGH This Week

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-7236 MEDIUM This Month

AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Antivirus
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-7235 MEDIUM This Month

AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Antivirus
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-7234 HIGH This Week

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-9484 MEDIUM This Month

An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Apple Denial Of Service Antivirus
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-9483 MEDIUM This Month

A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Apple Denial Of Service Antivirus
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-9482 MEDIUM This Month

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Memory Corruption Antivirus
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-9481 MEDIUM This Month

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Memory Corruption Antivirus
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-5102 HIGH This Week

A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. Rated high severity (CVSS 7.3). No vendor patch available.

Information Disclosure Microsoft Antivirus
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2020-20118 MEDIUM PATCH This Month

Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Denial Of Service Buffer Overflow Antivirus
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-1900 MEDIUM This Month

A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Antivirus
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-1587 MEDIUM POC This Month

Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Microsoft Antivirus Anti Virus
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-1586 MEDIUM This Month

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Microsoft Antivirus Anti Virus
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2023-1585 MEDIUM POC This Month

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. Rated medium severity (CVSS 6.3). Public exploit code available and no vendor patch available.

Information Disclosure Microsoft Antivirus Anti Virus
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2022-34008 HIGH POC This Week

Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-24671 HIGH This Week

A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150 and below could allow a local attacker to modify a file during the update process and escalate their. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-45339 HIGH POC This Week

Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Authentication Bypass Antivirus
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-45338 HIGH POC This Week

Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-45337 HIGH POC This Week

Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by "hollowing" process. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-45336 HIGH POC This Week

Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-45335 HIGH POC This Week

Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-43771 HIGH This Week

Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-28648 HIGH PATCH This Week

Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Trend Micro Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-25227 LOW PATCH Monitor

Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Trend Micro Antivirus
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2020-27015 MEDIUM This Month

Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Antivirus
NVD
CVSS 3.1
4.4
EPSS
0.9%
CVE-2020-27014 MEDIUM This Month

Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel. Rated medium severity (CVSS 6.4). No vendor patch available.

Trend Micro Denial Of Service Antivirus
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2020-27013 MEDIUM This Month

Trend Micro Antivirus for Mac 2020 (Consumer) contains a vulnerability in the product that occurs when a webserver is started that implements an API with several properties that can be read and. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Antivirus
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2020-25778 MEDIUM PATCH This Month

Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in a specific kernel extension where an attacker could supply a kernel pointer and leak several bytes of memory. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Trend Micro Information Disclosure Antivirus
NVD
CVSS 3.1
6.0
EPSS
0.6%
CVE-2020-25777 MEDIUM PATCH This Month

Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a specific kernel extension request attack where an attacker could bypass the Web Threat Protection feature of the product. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Authentication Bypass Antivirus
NVD
CVSS 3.1
5.4
EPSS
1.3%
CVE-2020-25779 LOW PATCH Monitor

Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Trend Micro Authentication Bypass Antivirus
NVD
CVSS 3.1
3.3
EPSS
0.8%
CVE-2020-25776 HIGH This Week

Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Privilege Escalation Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-15024 MEDIUM This Month

An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Hashicorp Microsoft Information Disclosure Antivirus
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-12254 HIGH This Week

Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Microsoft Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-10868 HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-10867 CRITICAL POC Act Now

An issue was discovered in Avast Antivirus before 20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-10866 HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-10865 HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-10864 MEDIUM POC This Month

An issue was discovered in Avast Antivirus before 20. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
CVSS 3.1
6.5
EPSS
1.6%
CVE-2020-10863 HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
CVSS 3.1
7.5
EPSS
2.0%
CVE-2020-10862 HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-10861 HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-10860 HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Antivirus
NVD GitHub
CVSS 3.1
7.5
EPSS
2.0%
CVE-2020-8093 HIGH This Week

A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-8092 MEDIUM This Month

A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Antivirus
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-19695 HIGH This Week

A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Antivirus
NVD
CVSS 3.1
7.5
EPSS
3.2%
CVE-2019-18653 MEDIUM POC This Month

A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Antivirus
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-17093 HIGH POC This Week

An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Antivirus Anti Virus
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2019-16913 HIGH POC This Week

PC Protect Antivirus v4.14.31 installs by default to %PROGRAMFILES(X86)%\PCProtect with very weak folder permissions, granting any user full permission "Everyone: (F)" to the contents of the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-14694 MEDIUM POC PATCH This Month

A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the. Rated medium severity (CVSS 4.7). Public exploit code available.

Race Condition Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
4.7
EPSS
0.4%
CVE-2019-14270 HIGH POC This Week

Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6870, and Comodo Internet Security Premium through 12.0.0.6870, with the Comodo Container feature, are vulnerable to Sandbox. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus Firewall Internet Security
NVD
CVSS 3.0
7.1
EPSS
0.5%
CVE-2019-11230 MEDIUM POC This Month

In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD
CVSS 3.0
4.4
EPSS
0.5%
CVE-2019-3973 MEDIUM POC This Month

Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Memory Corruption Antivirus
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2019-3972 MEDIUM POC This Month

Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Denial of Service affecting CmdAgent.exe via an unprotected section object "<GUID>_CisSharedMemBuff". Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure Antivirus
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2019-3971 MEDIUM POC This Month

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2019-3970 MEDIUM POC This Month

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2019-3969 HIGH POC This Week

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Privilege Escalation due to CmdAgent's handling of COM clients. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2018-17776 HIGH POC This Week

PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGRAMFILES(X86)%\PCProtect, which allows local users to gain privileges by replacing an executable file with a Trojan horse. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
3.4%
CVE-2018-6236 HIGH This Week

A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Trend Micro Privilege Escalation Antivirus Internet Security +2
NVD
CVSS 3.0
7.0
EPSS
0.3%
CVE-2018-6235 HIGH This Week

An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow Trend Micro Antivirus +3
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-6234 MEDIUM This Month

An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to disclose sensitive information on vulnerable installations. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Buffer Overflow Antivirus Internet Security +2
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2018-6233 HIGH This Week

A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Buffer Overflow Antivirus Internet Security +2
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-6232 HIGH This Week

A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Buffer Overflow Antivirus Internet Security +2
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-6788 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6787 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6786 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6785 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6784 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6783 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6782 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6781 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6780 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6779 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6778 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6777 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6776 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6775 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6774 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6773 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6772 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6771 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6770 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6769 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6768 HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5220 HIGH POC This Week

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5219 HIGH POC This Week

In K7 Antivirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5218 HIGH POC This Week

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5217 HIGH POC This Week

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5088 HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privilege Escalation.This issue affects Antivirus: from 25.1.981.6 before 25.3.

Privilege Escalation Integer Overflow Microsoft +2
NVD
EPSS 0% CVSS 9.9
CRITICAL This Week

Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on windows allows local attacker to escalate privelages via pool overflow. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Antivirus +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Antivirus
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Antivirus
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Antivirus
NVD
EPSS 0% CVSS 7.8
HIGH This Week

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Antivirus
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Apple Denial Of Service +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Apple Denial Of Service +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Memory Corruption +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Memory Corruption +1
NVD
EPSS 0% CVSS 7.3
HIGH This Week

A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. Rated high severity (CVSS 7.3). No vendor patch available.

Information Disclosure Microsoft Antivirus
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Denial Of Service Buffer Overflow Antivirus
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Antivirus
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Microsoft +2
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Microsoft Antivirus +1
NVD
EPSS 0% CVSS 6.3
MEDIUM POC This Month

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. Rated medium severity (CVSS 6.3). Public exploit code available and no vendor patch available.

Information Disclosure Microsoft Antivirus +1
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150 and below could allow a local attacker to modify a file during the update process and escalate their. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Antivirus
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Authentication Bypass Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by "hollowing" process. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Antivirus
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Trend Micro Antivirus
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Trend Micro Antivirus
NVD
EPSS 1% CVSS 4.4
MEDIUM This Month

Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Antivirus
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel. Rated medium severity (CVSS 6.4). No vendor patch available.

Trend Micro Denial Of Service Antivirus
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Trend Micro Antivirus for Mac 2020 (Consumer) contains a vulnerability in the product that occurs when a webserver is started that implements an API with several properties that can be read and. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Antivirus
NVD
EPSS 1% CVSS 6.0
MEDIUM PATCH This Month

Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in a specific kernel extension where an attacker could supply a kernel pointer and leak several bytes of memory. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Trend Micro Information Disclosure Antivirus
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a specific kernel extension request attack where an attacker could bypass the Web Threat Protection feature of the product. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Trend Micro Authentication Bypass Antivirus
NVD
EPSS 1% CVSS 3.3
LOW PATCH Monitor

Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Trend Micro Authentication Bypass Antivirus
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Privilege Escalation Antivirus
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Hashicorp Microsoft Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Microsoft +1
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in Avast Antivirus before 20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in Avast Antivirus before 20. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

An issue was discovered in Avast Antivirus before 20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Antivirus
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Antivirus
NVD
EPSS 3% CVSS 7.5
HIGH This Week

A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Antivirus
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Antivirus
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Antivirus Anti Virus
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

PC Protect Antivirus v4.14.31 installs by default to %PROGRAMFILES(X86)%\PCProtect with very weak folder permissions, granting any user full permission "Everyone: (F)" to the contents of the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD
EPSS 0% CVSS 4.7
MEDIUM POC PATCH This Month

A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the. Rated medium severity (CVSS 4.7). Public exploit code available.

Race Condition Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.1
HIGH POC This Week

Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6870, and Comodo Internet Security Premium through 12.0.0.6870, with the Comodo Container feature, are vulnerable to Sandbox. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus Firewall +1
NVD
EPSS 1% CVSS 4.4
MEDIUM POC This Month

In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Memory Corruption +1
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Denial of Service affecting CmdAgent.exe via an unprotected section object "<GUID>_CisSharedMemBuff". Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure +1
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Privilege Escalation due to CmdAgent's handling of COM clients. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Antivirus
NVD
EPSS 3% CVSS 7.8
HIGH POC This Week

PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGRAMFILES(X86)%\PCProtect, which allows local users to gain privileges by replacing an executable file with a Trojan horse. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD Exploit-DB
EPSS 0% CVSS 7.0
HIGH This Week

A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Trend Micro Privilege Escalation +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow +5
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to disclose sensitive information on vulnerable installations. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Buffer Overflow +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Buffer Overflow +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Buffer Overflow +4
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In K7 Antivirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy