1540 matches found
The Race to Quantum-Proof the Internet Has Already Begun
The race to quantum-proof the internet is underway as experts warn of “harvest now, decrypt later” risks and slow migration to post-quantum security...
CVE-2026-27748
Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\\ProgramData without validating whether the path resolves through a symbolic link or reparse...
EUVD-2026-9820
Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...
CVE-2026-27750
Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...
CVE-2026-27750
Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...
CVE-2026-27748
Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...
CVE-2026-27749
Avira Internet Security contains a deserialization of untrusted data vulnerability in the System Speedup component. The Avira.SystemSpeedup.RealTimeOptimizer.exe process, which runs with SYSTEM privileges, deserializes data from a file located in C:\ProgramData using .NET BinaryFormatter without...
CVE-2026-27748 Avira Internet Security Arbitrary File Deletion via Improper Link Resolution
Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...
CVE-2026-27748 Avira Internet Security Arbitrary File Deletion via Improper Link Resolution
Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...
CVE-2026-27749 Avira Internet Security System Speedup Insecure Deserialization
Avira Internet Security contains a deserialization of untrusted data vulnerability in the System Speedup component. The Avira.SystemSpeedup.RealTimeOptimizer.exe process, which runs with SYSTEM privileges, deserializes data from a file located in C:\ProgramData using .NET BinaryFormatter without...
CVE-2026-27750
Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...
CVE-2026-27750 Avira Internet Security Optimizer TOCTOU
Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...
Avira Internet Security 安全漏洞
Avira Internet Security is a network security software developed by the German company Avira. Avira Internet Security has a security vulnerability, which stems from a race condition in the Optimizer component. This vulnerability could allow local attackers to delete protected files or directories...
Avira Internet Security 安全漏洞
Avira Internet Security is a network security software developed by the German company Avira. Avira Internet Security has a security vulnerability. This vulnerability stems from an improper link parsing issue in the Software Updater component. It could allow local attackers to delete any file,...
Avira Internet Security 安全漏洞
Avira Internet Security is a network security software developed by the German company Avira. Avira Internet Security has a security vulnerability, which stems from the System Speedup component deserializing unreliable data. This could allow local attackers to execute arbitrary code with SYSTEM...
CVE-2019-18215
An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the...
CVE-2020-10180
The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro macOS, Cyber Security macOS, Mobile Security for Android, Smart TV Security,...
CVE-2020-10193
ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro macOS, Cyber Security macOS, Mobile Security for Android...
CVE-2024-34671
Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability...
Visualisation for the CIS Benchmark Scanning Results
In this paper, we introduce GraphSecure, a web application that provides advanced analysis and visualisation of security scanning results. GraphSecure enables users to initiate scans for their AWS account, validate them against specific Center for Internet Security CIS Benchmarks and return...