Known Vulnerabilities for products from Avira
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Avira".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-27750 json | Avira Internet Security contains a time-of-check time-of-use (TOCTOU) vulnerability in the Optimizer component. A privileged ... | Not Provided | 2026-03-05 | 2026-04-01 |
| CVE-2026-27749 json | Avira Internet Security contains a deserialization of untrusted data vulnerability in the System Speedup component. The Avira... | Not Provided | 2026-03-05 | 2026-04-01 |
| CVE-2026-27748 json | Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the upda... | Not Provided | 2026-03-05 | 2026-04-01 |
| CVE-2023-36673 json | An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating sys... | 7.3 - HIGH | 2023-08-09 | 2023-10-31 |
| CVE-2023-1900 json | A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overf... | 5.5 - MEDIUM | 2023-04-19 | 2023-04-29 |
| CVE-2022-28795 json | A vulnerability within the Avira Password Manager Browser Extensions provided a potential loophole where, if a user visited a... | 6.5 - MEDIUM | 2022-04-12 | 2022-04-20 |
| CVE-2022-4429 json | Avira Security for Windows contains an unquoted service path which allows attackers with local administrative privileges to c... | 4.4 - MEDIUM | 2023-01-10 | 2023-11-07 |
| CVE-2022-4294 json | Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a typ... | 7.8 - HIGH | 2023-01-10 | 2023-11-07 |
| CVE-2022-3368 json | A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access... | 8.8 - HIGH | 2022-10-17 | 2023-08-08 |
| CVE-2020-12680 json | ** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of ... | 5.5 - MEDIUM | 2020-05-08 | 2023-11-07 |
| CVE-2020-12463 json | An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file h... | 7.8 - HIGH | 2020-05-05 | 2021-07-21 |
| CVE-2020-12254 json | Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink. | 7.8 - HIGH | 2020-04-26 | 2020-10-06 |
| CVE-2020-9320 json | ** DISPUTED ** Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versio... | 5.5 - MEDIUM | 2020-02-20 | 2023-11-07 |
| CVE-2020-8961 json | An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. The Self-Protection feature does not prohibit a write ... | 9.8 - CRITICAL | 2020-04-09 | 2021-07-21 |
| CVE-2019-18568 json | Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a rest... | 8.8 - HIGH | 2019-12-31 | 2020-10-22 |
| CVE-2019-17449 json | ** DISPUTED ** Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. NOTE: The vendor thinks that this ... | 6.7 - MEDIUM | 2019-10-10 | 2023-11-07 |
| CVE-2019-11396 json | An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder (files / ... | 7.8 - HIGH | 2019-08-29 | 2020-08-24 |
| CVE-2017-6417 json | Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Interne... | 6.7 - MEDIUM | 2017-03-21 | 2019-10-03 |
| CVE-2016-10402 json | Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with... | 7.8 - HIGH | 2017-07-27 | 2020-08-05 |
| CVE-2015-7732 json | The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext. | 7.5 - HIGH | 2017-06-15 | 2017-06-28 |
Known software with vulnerabilities from Avira
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Avira | Antivirus | 5.0.2003.1821 |
| Application | Avira | Avira Mobile Security | 1.5.7 |
| Application | Avira | Avira Secure Backup | 1.2.3 |
| Application | Avira | Free Antivirus | 15.0.1907.1514 |
| Application | Avira | Premium Security Suite | 10.0.0.536 |
| Application | Avira | Software Updater | 2.0.6.17105 |