Avast Antivirus
35 CVEs affecting Avast Antivirus. Latest disclosed: 2025-12-01. Critical: 4, High: 19.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-13032 | Critical | 9.9 | 2025-11-11 | Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on windows allows local attacker to escalate privelages via pool overflow. |
CVE-2020-10867 | Critical | 9.8 | 2020-04-01 | An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to b… |
CVE-2017-8307 | Critical | 9.8 | 2017-04-27 | In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replac… |
CVE-2025-3500 | Critical | 9.0 | 2025-12-01 | Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privilege Escalation.This issue affects Antivirus: from 25.1.981… |
CVE-2021-45337 | High | 8.8 | 2021-12-27 | Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated priv… |
CVE-2021-45336 | High | 8.8 | 2021-12-27 | Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using… |
CVE-2021-45335 | High | 8.8 | 2021-12-27 | Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefor… |
CVE-2025-8351 | High | 7.8 | 2025-12-01 | Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avira Antivirus engine when scanning a malformed file may allow Local Execution of Code or Deni… |
CVE-2025-10101 | High | 7.8 | 2025-12-01 | Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Mach-O file may allow Local Execution of Code or Denial-of-Service of… |
CVE-2021-45339 | High | 7.8 | 2021-12-27 | Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could… |
CVE-2021-45338 | High | 7.8 | 2021-12-27 | Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful… |
CVE-2020-10862 | High | 7.8 | 2020-04-01 | An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to a… |
CVE-2019-17093 | High | 7.8 | 2019-10-23 | An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloading vulnerability allows an attacker to implant %WINDIR%\sys… |
CVE-2025-7007 | High | 7.5 | 2025-12-01 | NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus pro… |
CVE-2020-10868 | High | 7.5 | 2020-04-01 | An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to l… |
CVE-2020-10866 | High | 7.5 | 2020-04-01 | An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to e… |
CVE-2020-10865 | High | 7.5 | 2020-04-01 | An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to m… |
CVE-2020-10863 | High | 7.5 | 2020-04-01 | An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to t… |
CVE-2020-10861 | High | 7.5 | 2020-04-01 | An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to a… |
CVE-2020-10860 | High | 7.5 | 2020-04-01 | An issue was discovered in Avast Antivirus before 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Serv… |