Filtered by vendor Avira
Subscriptions
Total
37 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-6962 | 1 Avira | 4 Antivir, Antivir Personal, Antivir Professional and 1 more | 2024-11-21 | N/A |
Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer. | ||||
CVE-2007-2974 | 1 Avira | 2 Antivir, Av Pack | 2024-11-21 | N/A |
Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to execute arbitrary code via a crafted LZH archive file, resulting from an "integer cast around." | ||||
CVE-2007-2973 | 1 Avira | 2 Antivir, Av Pack | 2024-11-21 | N/A |
Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed TAR archive. | ||||
CVE-2007-2972 | 1 Avira | 2 Antivir, Av Pack | 2024-11-21 | N/A |
The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 allows remote attackers to cause a denial of service (application crash) via a crafted UPX compressed file, which triggers a divide-by-zero error. | ||||
CVE-2007-1673 | 9 Amavis, Avast, Avira and 6 more | 13 Amavis, Avast Antivirus, Avast Antivirus Home and 10 more | 2024-11-21 | N/A |
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. | ||||
CVE-2007-1671 | 1 Avira | 1 Antivir Personal | 2024-11-21 | N/A |
avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. | ||||
CVE-2006-4619 | 1 Avira | 1 Antivir Personal | 2024-11-21 | N/A |
The start update window in update.exe in Avira AntiVir PersonalEdition Classic 7.0 build 151 allows local users to gain system privileges via a "Shatter" style attack on the (1) IParam parameter, and the (2) PBM_GETRANGE and (3) PBM_SETRANGE messages in an unspecified progress bar. NOTE: some details are obtained from third party information. | ||||
CVE-2006-1274 | 1 Avira | 1 Antivir Personal | 2024-11-21 | N/A |
Classic Planer in AntiVir PersonalEdition Classic 7 does not drop privileges before executing external programs, which allows local users to gain privileges via notepad.exe, which is used to display scan reports. | ||||
CVE-2005-3224 | 1 Avira | 1 Antivir Personal | 2024-11-21 | N/A |
Multiple interpretation error in unspecified versions of AntiVir Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | ||||
CVE-2005-3219 | 1 Avira | 1 Antivir Personal | 2024-11-21 | N/A |
Multiple interpretation error in unspecified versions of Avira Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | ||||
CVE-2005-2957 | 1 Avira | 1 Desktop | 2024-11-21 | N/A |
Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename in an ACE archive. | ||||
CVE-2023-36673 | 1 Avira | 1 Phantom Vpn | 2024-10-10 | 7.3 High |
An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by the VPN client, while simultaneously using plaintext DNS to look up the VPN server's IP address. This allows an adversary to trick the victim into sending traffic to arbitrary IP addresses in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "ServerIP attack, combined with DNS spoofing, that can leak traffic to an arbitrary IP address" rather than to only Avira Phantom VPN. | ||||
CVE-2022-3368 | 1 Avira | 1 Avira Security | 2024-09-17 | 7.3 High |
A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avira Security version 1.1.72.30556. | ||||
CVE-2022-28795 | 1 Avira | 1 Password Manager | 2024-08-03 | 6.5 Medium |
A vulnerability within the Avira Password Manager Browser Extensions provided a potential loophole where, if a user visited a page crafted by an attacker, the discovered vulnerability could trigger the Password Manager Extension to fill in the password field automatically. An attacker could then access this information via JavaScript. The issue was fixed with the browser extensions version 2.18.5 for Chrome, MS Edge, Opera, Firefox, and Safari. | ||||
CVE-2022-4429 | 1 Avira | 1 Avira Security | 2024-08-03 | 5.3 Medium |
Avira Security for Windows contains an unquoted service path which allows attackers with local administrative privileges to cause a Denial of Service. The issue was fixed with Avira Security version 1.1.78 | ||||
CVE-2022-4294 | 5 Avast, Avg, Avira and 2 more | 5 Antivirus, Antivirus, Avira Security and 2 more | 2024-08-03 | 7.1 High |
Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | ||||
CVE-2023-1900 | 1 Avira | 1 Antivirus | 2024-08-02 | 7.8 High |
A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. This could corrupt the data on the heap and lead to a denial-of-service situation. Issue was fixed with Endpointprotection.exe version 1.0.2303.633 |