CVE-2025-69783
A local attacker can bypass the OpenEDR 2.5.1.0 self-defense mechanism by renaming a malicious executable to match a trusted process name (e.g., csrss.exe, edrsvc.exe, edrcon.exe). This allows unauthorized interaction with the OpenEDR kernel driver, granting access to privileged functionality such as...
CVE-2020-10867
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to bypass intended access restrictions on tasks from an untrusted process, when Self Defense is enabled...
CVE-2025-10905
Collision in MiniFilter driver in Avast Software Avast Free Antivirus before 25.9 on Windows allows a local attacker with administrative privileges to disable real-time protection and self-defense mechanisms...
EUVD-2025-84321
Collision in MiniFilter driver in Avast Software Avast Free Antivirus before 25.9 on Windows allows a local attacker with administrative privileges to disable real-time protection and self-defense mechanisms...
CVE-2025-10905 Collision in minifilter driver of Avast Free Antivirus results in disabling of real-time protection
Collision in MiniFilter driver in Avast Software Avast Free Antivirus before 25.9 on Windows allows a local attacker with administrative privileges to disable real-time protection and self-defense mechanisms...
CVE-2025-10905
Affected software: Avast Free Antivirus (Gen Digital). Vulnerable component: MiniFilter driver. Description across connected sources indicates a collision in the MiniFilter driver prior to Avast Free Antivirus 25.9 on Windows. Impact: local attacker with administrative privileges can disable real...
PT-2025-46350
Name of the Vulnerable Software and Affected Versions: Avast Free Antivirus versions prior to 25.9. Description: A collision in the MiniFilter driver within Avast Free Antivirus can allow a local attacker with administrative privileges to disable real-time protection and self-defense mechanisms. The...
EUVD-2021-10817
Malware in sbrugna...
EUVD-2017-17269
Malware in sbrugna...
EUVD-2020-3273
Malware in sbrugna...
EUVD-2020-3267
Malware in sbrugna...
EUVD-2019-7560
Malware in sbrugna...
EUVD-2021-32112
Malicious code in bioql PyPI...
Driver of destruction: How a legitimate driver is being used to take down AV processes
Introduction: In a recent incident response case in Brazil, we spotted intriguing new antivirus (AV) killer software that has been circulating in the wild since at least October 2024. This malicious artifact abuses the ThrottleStop.sys driver, delivered together with the malware, to terminate numero...
CVE-2021-45337
Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by "hollowing" the process wscproxy.exe, which could lead to acquiring antimalware (AM-PPL) protection...
CVE-2021-23874
Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code, bypassing MTP self-defense...
CVE-2021-45339
Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" a trusted process, which could lead to the bypassing of Avast self-defense...