Avast Free Antivirus
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Avast Free Antivirus.
By the Year
In 2026 there have been 0 vulnerabilities in Avast Free Antivirus. Last year, in 2025 Free Antivirus had 1 security vulnerability published. Right now, Free Antivirus is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 4.40 |
| 2024 | 4 | 7.23 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 5.50 |
| 2019 | 1 | 7.80 |
It may take a day or so for new Free Antivirus vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Avast Free Antivirus Security Vulnerabilities
Avast Free Antivirus <25.9 MiniFilter Collision Lets Admin Disable RT
CVE-2025-10905
4.4 - Medium
- November 11, 2025
Collision in MiniFilter driver in Avast Software Avast Free Antivirus before 25.9 on Windows allows a local attacker with administrative privileges to disable real-time protection and self-defense mechanisms.
Protection Mechanism Failure
AVST Free AV Denial-of-Service via Symbolic Link Abuse
CVE-2024-7228
5.5 - Medium
- November 22, 2024
Avast Free Antivirus Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Service. By creating a symbolic link, an attacker can abuse the service to create a folder. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-22806.
insecure temporary file
Avast Free AV LPE via AvastSvc LinkFollow Symlink Deletion
CVE-2024-7227
7.8 - High
- November 22, 2024
Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22272.
insecure temporary file
Avast Free Antivirus LPE via Symbolic Link Abuse
CVE-2024-7232
7.8 - High
- November 22, 2024
Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22963.
insecure temporary file
CVE-2024-7233 Avast Free Antivirus Link Following LPE via Symbolic Link
CVE-2024-7233
7.8 - High
- November 22, 2024
Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast Service. By creating a symbolic link, an attacker can abuse the service to delete a folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23731.
insecure temporary file
An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links
CVE-2020-13657
5.5 - Medium
- June 29, 2020
An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. The vulnerability allows local users to take control of arbitrary files.
Improper Privilege Management
Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which
CVE-2018-12572
7.8 - High
- March 21, 2019
Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.
Cleartext Storage of Sensitive Information
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Avast Free Antivirus or by Avast? Click the Watch button to subscribe.
