Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow.
7.8CVSS
8.1AI Score
0.005EPSS
Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of service via abuse of a symlink.
7.8CVSS
7.7AI Score
0.0004EPSS
A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. This could corrupt the data on the heap and lead to a denial-of-service situation.Issue was fixed with Endpointprotection.exe version 1.0.2303.633
7.8CVSS
5.3AI Score
0.0004EPSS