479 matches found
PYSEC-2026-1049 FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess
Impact An input poolingratio that is smaller than 1 will trigger a heap OOB in tf.rawops.FractionalMaxPool and tf.rawops.FractionalAvgPool. Patches We have patched the issue in GitHub commit 216525144ee7c910296f5b05d214ca1327c9ce48. The fix will be included in TensorFlow 2.11.0. We will also cher...
PYSEC-2026-1019 TensorFlow vulnerable to `CHECK` failure in `AvgPoolOp`
Impact The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. python import tensorflow as tf import numpy as np value = np.ones1, 1, 1, 1 ksize = 1, 1e20, 1, 1 strides = 1, 1, 1, 1 padding = 'SAM...
EUVD-2025-210133
Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus...
EUVD-2025-210127
Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast...
EUVD-2025-210129
Stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a malformed PDF file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, an...
EUVD-2025-210124
Heap buffer out-of-bounds write vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus ...
EUVD-2025-210130
Heap out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed zip file containing XML may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus ...
CVE-2025-7019
Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus...
CVE-2025-7009
Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus o...
CVE-2025-7019 Avast antivirus stack overflow when scanning a malformed Office Open XML file
Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus...
CVE-2025-7011
This CVE-2025-7011 describes a heap out-of-bounds read in the Avast Gen Digital antivirus engine when processing a malformed ZIP containing XML, potentially enabling local code execution or antivirus process denial-of-service. Affected products include Avast Antivirus, AVG Antivirus, Norton Antiv...
CVE-2025-7010 Avast antivirus stack overflow when scanning a malformed PDF file
Stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a malformed PDF file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, an...
CVE-2025-7005
CVE-2025-7005 describes an uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file, potentially causing denial-of-service of the antivirus process. Affected products include Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business A...
CVE-2025-7004 Avast antivirus heap buffer OOB write when scanning a malformed PE file
Heap buffer out-of-bounds write vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus ...
PT-2026-49016
Name of the Vulnerable Software and Affected Versions Avast Antivirus versions 25020100 through 25021207 AVG Antivirus versions 25020100 through 25021207 Norton Antivirus versions 25020100 through 25021207 Avast One versions 25020100 through 25021207 Avast Business Antivirus versions 25020100...
PT-2026-49015
Name of the Vulnerable Software and Affected Versions Avast Antivirus versions prior to VPS 25021208 AVG Antivirus versions prior to VPS 25021208 Norton Antivirus versions prior to VPS 25021208 Avast One versions prior to VPS 25021208 Avast Business Antivirus versions prior to VPS 25021208...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Fix potential null dereferencing in ext4mbinit In ext4mbinit, ext4mbavgfragmentsizedestroy may be called when sbi-smbavgfragmentsize remains uninitialized e.g., if the groupinfo slab cache allocation fails. Since...
Astra Linux – Vulnerability in libde265
It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the use of putweightedpredavg16fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted video file...
CVE-2022-26522
The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash due to a double fetch vulnerability at aswArPot+0xc4a3...
CVE-2022-26523
The CVE-2022-26523 issue affects the Avast/AVG Anti‑Rootkit driver aswArPot.sys (Windows). It is a local, kernel‑mode vulnerability caused by a double fetch at aswArPot+0xbb94, enabling a user with limited privileges to run code at kernel level or trigger memory corruption/OS crash. Connected doc...