Common Weakness Enumeration
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Back to CWE stats page
CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
CVE-2025-68132 (GCVE-0-2025-68132)
Vulnerability from cvelistv5 – Published: 2026-01-21 18:28 – Updated: 2026-01-21 19:06
VLAI
Title
EVerest has out-of-bounds read in DZG_GSH01 SLIP CRC parser that can crash powermeter driver
Summary
EVerest is an EV charging software stack. Prior to version 2025.12.0, `is_message_crc_correct` in the DZG_GSH01 powermeter SLIP parser reads `vec[vec.size()-1]` and `vec[vec.size()-2]` without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach `is_message_crc_correct` with `vec.size() < 2` (only via the multi-message path), causing an out-of-bounds read before CRC verification and `pop_back` underflow. Therefore, an attacker controlling the serial input can reliably crash the process. Version 2025.12.0 fixes the issue.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/EVerest/everest-core/security/… | x_refsource_CONFIRM |
| https://github.com/EVerest/everest-core/commit/b8… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| EVerest | everest-core |
Affected:
< 2025.12.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68132",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T19:05:29.573743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T19:06:48.136Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "everest-core",
"vendor": "EVerest",
"versions": [
{
"status": "affected",
"version": "\u003c 2025.12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EVerest is an EV charging software stack. Prior to version 2025.12.0, `is_message_crc_correct` in the DZG_GSH01 powermeter SLIP parser reads `vec[vec.size()-1]` and `vec[vec.size()-2]` without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach `is_message_crc_correct` with `vec.size() \u003c 2` (only via the multi-message path), causing an out-of-bounds read before CRC verification and `pop_back` underflow. Therefore, an attacker controlling the serial input can reliably crash the process. Version 2025.12.0 fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 2.4,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T18:28:40.763Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-79gc-m8w6-9hx5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-79gc-m8w6-9hx5"
},
{
"name": "https://github.com/EVerest/everest-core/commit/b8139b95144e3fe0082789b7fafe4e532ee494a1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/EVerest/everest-core/commit/b8139b95144e3fe0082789b7fafe4e532ee494a1"
}
],
"source": {
"advisory": "GHSA-79gc-m8w6-9hx5",
"discovery": "UNKNOWN"
},
"title": "EVerest has out-of-bounds read in DZG_GSH01 SLIP CRC parser that can crash powermeter driver"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68132",
"datePublished": "2026-01-21T18:28:40.763Z",
"dateReserved": "2025-12-15T18:05:52.211Z",
"dateUpdated": "2026-01-21T19:06:48.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68382 (GCVE-0-2025-68382)
Vulnerability from cvelistv5 – Published: 2025-12-18 21:56 – Updated: 2025-12-19 15:14
VLAI
Title
Packetbeat Out-of-bounds Read
Summary
Out-of-bounds read (CWE-125) allows an unauthenticated remote attacker to perform a buffer overflow (CAPEC-100) via the NFS protocol dissector, leading to a denial-of-service (DoS) through a reliable process crash when handling truncated XDR-encoded RPC messages.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Elastic | Packetbeat |
Affected:
7.0.0 , ≤ 7.17.29
(semver)
Affected: 8.0.0 , ≤ 8.19.8 (semver) Affected: 9.0.0 , ≤ 9.1.8 (semver) Affected: 9.2.0 , ≤ 9.2.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68382",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:14:05.716968Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:14:16.013Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Packetbeat",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.8",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.8",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.2",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOut-of-bounds read (CWE-125) allows an unauthenticated remote attacker to perform a buffer overflow (CAPEC-100) via the NFS protocol dissector, leading to a denial-of-service (DoS) through a reliable process crash when handling truncated XDR-encoded RPC messages.\u003c/p\u003e"
}
],
"value": "Out-of-bounds read (CWE-125) allows an unauthenticated remote attacker to perform a buffer overflow (CAPEC-100) via the NFS protocol dissector, leading to a denial-of-service (DoS) through a reliable process crash when handling truncated XDR-encoded RPC messages."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T21:56:03.352Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-31/384179"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Packetbeat Out-of-bounds Read",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-68382",
"datePublished": "2025-12-18T21:56:03.352Z",
"dateReserved": "2025-12-16T17:26:09.355Z",
"dateUpdated": "2025-12-19T15:14:16.013Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68431 (GCVE-0-2025-68431)
Vulnerability from cvelistv5 – Published: 2025-12-29 19:09 – Updated: 2025-12-30 22:26
VLAI
Title
libheif has Potential Heap Buffer Over-Read
Summary
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/strukturag/libheif/security/ad… | x_refsource_CONFIRM |
| https://github.com/strukturag/libheif/commit/b8c1… | x_refsource_MISC |
| https://github.com/strukturag/libheif/releases/ta… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| strukturag | libheif |
Affected:
< 1.21.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68431",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-30T21:54:12.455580Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-30T22:26:20.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "libheif",
"vendor": "strukturag",
"versions": [
{
"status": "affected",
"version": "\u003c 1.21.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-29T19:09:54.628Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/strukturag/libheif/security/advisories/GHSA-j87x-4gmq-cqfq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/strukturag/libheif/security/advisories/GHSA-j87x-4gmq-cqfq"
},
{
"name": "https://github.com/strukturag/libheif/commit/b8c12a7b70f46c9516711a988483bed377b78d46",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/strukturag/libheif/commit/b8c12a7b70f46c9516711a988483bed377b78d46"
},
{
"name": "https://github.com/strukturag/libheif/releases/tag/v1.21.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/strukturag/libheif/releases/tag/v1.21.0"
}
],
"source": {
"advisory": "GHSA-j87x-4gmq-cqfq",
"discovery": "UNKNOWN"
},
"title": "libheif has Potential Heap Buffer Over-Read"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68431",
"datePublished": "2025-12-29T19:09:54.628Z",
"dateReserved": "2025-12-17T15:29:39.380Z",
"dateUpdated": "2025-12-30T22:26:20.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7002 (GCVE-0-2025-7002)
Vulnerability from cvelistv5 – Published: 2026-06-12 21:59 – Updated: 2026-06-15 17:13
VLAI
Title
Avira antivirus engine heap buffer OOB read when scanning a malformed PDF file (variant 2)
Summary
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.
This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.68.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gen Digital | Avira Antivirus |
Affected:
0 , < 8.3.70.68
(custom)
|
Date Public
2025-05-26 11:28
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T17:13:11.683382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T17:13:17.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avira Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "8.3.70.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Mike Zhang, an independent security researcher"
}
],
"datePublic": "2025-05-26T11:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.\u003cp\u003eThis issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.68.\u003c/p\u003e"
}
],
"value": "Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.\n\nThis issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.68."
}
],
"impacts": [
{
"capecId": "CAPEC-549",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-549 Local Execution of Code"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T21:59:52.538Z",
"orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"shortName": "GEN"
},
"references": [
{
"url": "https://www.gendigital.com/us/en/contact-us/security-advisories/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to Avira scan engine build \u003cstrong\u003e8.3.70.68\u003c/strong\u003e or \u003cstrong\u003eany later\u003c/strong\u003e engine release. Builds at or above 8.3.70.68 include the fix."
}
],
"value": "Upgrade to Avira scan engine build 8.3.70.68 or any later engine release. Builds at or above 8.3.70.68 include the fix."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Avira antivirus engine heap buffer OOB read when scanning a malformed PDF file (variant 2)",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"assignerShortName": "GEN",
"cveId": "CVE-2025-7002",
"datePublished": "2026-06-12T21:59:52.538Z",
"dateReserved": "2025-07-02T07:27:26.206Z",
"dateUpdated": "2026-06-15T17:13:17.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7003 (GCVE-0-2025-7003)
Vulnerability from cvelistv5 – Published: 2026-06-12 22:02 – Updated: 2026-06-15 17:14
VLAI
Title
Avira antivirus engine heap buffer OOB read when scanning a malformed PDF file (variant 1)
Summary
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.
This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.56.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gen Digital | Avira Antivirus |
Affected:
0 , < 8.3.70.56
(custom)
|
Date Public
2025-06-13 09:30
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T17:14:16.374533Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T17:14:27.190Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avira Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "8.3.70.56",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Mike Zhang, an independent security researcher"
}
],
"datePublic": "2025-06-13T09:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.\u003cp\u003eThis issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.56.\u003c/p\u003e"
}
],
"value": "Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.\n\nThis issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.56."
}
],
"impacts": [
{
"capecId": "CAPEC-549",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-549 Local Execution of Code"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T22:02:30.484Z",
"orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"shortName": "GEN"
},
"references": [
{
"url": "https://www.gendigital.com/us/en/contact-us/security-advisories/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to Avira scan engine build \u003cstrong\u003e8.3.70.56\u003c/strong\u003e or \u003cstrong\u003eany later\u003c/strong\u003e engine release. Builds at or above 8.3.70.56 include the fix."
}
],
"value": "Upgrade to Avira scan engine build 8.3.70.56 or any later engine release. Builds at or above 8.3.70.56 include the fix."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Avira antivirus engine heap buffer OOB read when scanning a malformed PDF file (variant 1)",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"assignerShortName": "GEN",
"cveId": "CVE-2025-7003",
"datePublished": "2026-06-12T22:02:30.484Z",
"dateReserved": "2025-07-02T07:39:58.345Z",
"dateUpdated": "2026-06-15T17:14:27.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7008 (GCVE-0-2025-7008)
Vulnerability from cvelistv5 – Published: 2026-06-12 22:09 – Updated: 2026-06-15 17:11
VLAI
Title
Avast antivirus heap buffer OOB read when scanning a malformed PE file
Summary
Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata may allow Local Execution of Code or Denial-of-Service of the antivirus process.
This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25021310.
The affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Gen Digital | Avast Antivirus |
Affected:
0 , < 25021310
(custom)
|
|
| Gen Digital | AVG Antivirus |
Affected:
0 , < 25021310
(custom)
|
|
| Gen Digital | Norton Antivirus |
Affected:
0 , < 25021310
(custom)
|
|
| Gen Digital | Avast One |
Affected:
0 , < 25021310
(custom)
|
|
| Gen Digital | Avast Business Antivirus |
Affected:
0 , < 25021310
(custom)
|
Date Public
2025-05-26 11:28
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7008",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T17:11:47.975824Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T17:11:56.726Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avast Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "AVG Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Norton Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avast One",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avast Business Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Mike Zhang, an independent security researcher"
}
],
"datePublic": "2025-05-26T11:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata may allow Local Execution of Code or Denial-of-Service of the antivirus process.\u003cp\u003eThis issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25021310.\u003c/p\u003e\u003cp\u003eThe affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.\u003c/p\u003e"
}
],
"value": "Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata may allow Local Execution of Code or Denial-of-Service of the antivirus process.\n\nThis issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25021310.\n\n\n\nThe affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream."
}
],
"impacts": [
{
"capecId": "CAPEC-549",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-549 Local Execution of Code"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T22:09:49.037Z",
"orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"shortName": "GEN"
},
"references": [
{
"url": "https://www.gendigital.com/us/en/contact-us/security-advisories/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Install virus definitions \u003cstrong\u003eVPS 25021310\u003c/strong\u003e or \u003cstrong\u003eany later\u003c/strong\u003e virus-definition update. All builds at or above VPS 25021310 include the fix; staying current on definitions is required."
}
],
"value": "Install virus definitions VPS 25021310 or any later virus-definition update. All builds at or above VPS 25021310 include the fix; staying current on definitions is required."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Avast antivirus heap buffer OOB read when scanning a malformed PE file",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"assignerShortName": "GEN",
"cveId": "CVE-2025-7008",
"datePublished": "2026-06-12T22:09:49.037Z",
"dateReserved": "2025-07-02T07:48:33.725Z",
"dateUpdated": "2026-06-15T17:11:56.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7009 (GCVE-0-2025-7009)
Vulnerability from cvelistv5 – Published: 2026-06-12 22:10 – Updated: 2026-06-15 17:11
VLAI
Title
Avast antivirus heap buffer OOB read when scanning a malformed PE file
Summary
Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process.
This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25021310.
The affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Gen Digital | Avast Antivirus |
Affected:
0 , < 25021310
(custom)
|
|
| Gen Digital | AVG Antivirus |
Affected:
0 , < 25021310
(custom)
|
|
| Gen Digital | Norton Antivirus |
Affected:
0 , < 25021310
(custom)
|
|
| Gen Digital | Avast One |
Affected:
0 , < 25021310
(custom)
|
|
| Gen Digital | Avast Business Antivirus |
Affected:
0 , < 25021310
(custom)
|
Date Public
2025-05-26 11:28
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7009",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T17:11:24.524045Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T17:11:31.580Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avast Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "AVG Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Norton Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avast One",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avast Business Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Mike Zhang, an independent security researcher"
}
],
"datePublic": "2025-05-26T11:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process.\u003cp\u003eThis issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25021310.\u003c/p\u003e\u003cp\u003eThe affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.\u003c/p\u003e"
}
],
"value": "Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process.\n\nThis issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25021310.\n\n\n\nThe affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream."
}
],
"impacts": [
{
"capecId": "CAPEC-549",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-549 Local Execution of Code"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T22:10:26.925Z",
"orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"shortName": "GEN"
},
"references": [
{
"url": "https://www.gendigital.com/us/en/contact-us/security-advisories/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Install virus definitions \u003cstrong\u003eVPS 25021310\u003c/strong\u003e or \u003cstrong\u003eany later\u003c/strong\u003e virus-definition update. All builds at or above VPS 25021310 include the fix; staying current on definitions is required."
}
],
"value": "Install virus definitions VPS 25021310 or any later virus-definition update. All builds at or above VPS 25021310 include the fix; staying current on definitions is required."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Avast antivirus heap buffer OOB read when scanning a malformed PE file",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"assignerShortName": "GEN",
"cveId": "CVE-2025-7009",
"datePublished": "2026-06-12T22:10:26.925Z",
"dateReserved": "2025-07-02T07:50:52.477Z",
"dateUpdated": "2026-06-15T17:11:31.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7011 (GCVE-0-2025-7011)
Vulnerability from cvelistv5 – Published: 2026-06-12 22:12 – Updated: 2026-06-15 16:02
VLAI
Title
Avast antivirus heap OOB when scanning a malformed zip file
Summary
Heap out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed zip file containing XML may allow Local Execution of Code or Denial-of-Service of the antivirus process.
This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds from 25020100 before 25021208.
The affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Gen Digital | Avast Antivirus |
Affected:
25020100 , < 25021208
(custom)
|
|
| Gen Digital | AVG Antivirus |
Affected:
25020100 , < 25021208
(custom)
|
|
| Gen Digital | Norton Antivirus |
Affected:
25020100 , < 25021208
(custom)
|
|
| Gen Digital | Avast One |
Affected:
25020100 , < 25021208
(custom)
|
|
| Gen Digital | Avast Business Antivirus |
Affected:
25020100 , < 25021208
(custom)
|
Date Public
2025-05-26 11:28
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7011",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T16:02:32.681415Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:02:44.849Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avast Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021208",
"status": "affected",
"version": "25020100",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "AVG Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021208",
"status": "affected",
"version": "25020100",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Norton Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021208",
"status": "affected",
"version": "25020100",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avast One",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021208",
"status": "affected",
"version": "25020100",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avast Business Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "25021208",
"status": "affected",
"version": "25020100",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Mike Zhang, an independent security researcher"
}
],
"datePublic": "2025-05-26T11:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Heap out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed zip file containing XML may allow Local Execution of Code or Denial-of-Service of the antivirus process.\u003cp\u003eThis issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds from 25020100 before 25021208.\u003c/p\u003e\u003cp\u003eThe affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.\u003c/p\u003e"
}
],
"value": "Heap out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed zip file containing XML may allow Local Execution of Code or Denial-of-Service of the antivirus process.\n\nThis issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds from 25020100 before 25021208.\n\n\n\nThe affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream."
}
],
"impacts": [
{
"capecId": "CAPEC-549",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-549 Local Execution of Code"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T22:12:37.444Z",
"orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"shortName": "GEN"
},
"references": [
{
"url": "https://www.gendigital.com/us/en/contact-us/security-advisories/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Install virus definitions \u003cstrong\u003eVPS 25021208\u003c/strong\u003e or \u003cstrong\u003eany later\u003c/strong\u003e virus-definition update. All builds at or above VPS 25021208 include the fix; staying current on definitions is required."
}
],
"value": "Install virus definitions VPS 25021208 or any later virus-definition update. All builds at or above VPS 25021208 include the fix; staying current on definitions is required."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Avast antivirus heap OOB when scanning a malformed zip file",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"assignerShortName": "GEN",
"cveId": "CVE-2025-7011",
"datePublished": "2026-06-12T22:12:37.444Z",
"dateReserved": "2025-07-02T08:27:37.717Z",
"dateUpdated": "2026-06-15T16:02:44.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7017 (GCVE-0-2025-7017)
Vulnerability from cvelistv5 – Published: 2026-06-12 22:13 – Updated: 2026-06-15 16:02
VLAI
Title
Avira antivirus engine heap buffer OOB read when scanning a malformed Windows MSI file
Summary
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows MSI file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.
This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.56.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gen Digital | Avira Antivirus |
Affected:
0 , < 8.3.70.56
(custom)
|
Date Public
2025-01-17 15:40
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7017",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T16:02:02.586536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:02:13.703Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows",
"macOS",
"Linux"
],
"product": "Avira Antivirus",
"vendor": "Gen Digital",
"versions": [
{
"lessThan": "8.3.70.56",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Mike Zhang, an independent security researcher"
}
],
"datePublic": "2025-01-17T15:40:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows MSI file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.\u003cp\u003eThis issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.56.\u003c/p\u003e"
}
],
"value": "Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows MSI file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.\n\nThis issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.56."
}
],
"impacts": [
{
"capecId": "CAPEC-549",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-549 Local Execution of Code"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T22:13:13.533Z",
"orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"shortName": "GEN"
},
"references": [
{
"url": "https://www.gendigital.com/us/en/contact-us/security-advisories/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to Avira scan engine build \u003cstrong\u003e8.3.70.56\u003c/strong\u003e or \u003cstrong\u003eany later\u003c/strong\u003e engine release. Builds at or above 8.3.70.56 include the fix."
}
],
"value": "Upgrade to Avira scan engine build 8.3.70.56 or any later engine release. Builds at or above 8.3.70.56 include the fix."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Avira antivirus engine heap buffer OOB read when scanning a malformed Windows MSI file",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"assignerShortName": "GEN",
"cveId": "CVE-2025-7017",
"datePublished": "2026-06-12T22:13:13.533Z",
"dateReserved": "2025-07-02T11:59:07.847Z",
"dateUpdated": "2026-06-15T16:02:13.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-71264 (GCVE-0-2025-71264)
Vulnerability from cvelistv5 – Published: 2026-03-16 06:13 – Updated: 2026-03-16 14:40
VLAI
Summary
Mumble before 1.6.870 is prone to an out-of-bounds array access, which may result in denial of service (client crash).
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-71264",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T13:44:30.386354Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:37.627Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mumble",
"vendor": "Mumble",
"versions": [
{
"lessThan": "1.6.870",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mumble before 1.6.870 is prone to an out-of-bounds array access, which may result in denial of service (client crash)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T06:21:34.829Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/mumble-voip/mumble/commit/ff2a2332cccb267721553f09c0ded4de880622e0"
},
{
"url": "https://github.com/mumble-voip/mumble/pull/7032"
},
{
"url": "https://bugs.debian.org/1129178"
}
],
"x_generator": {
"engine": "CVE-Request-form 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-71264",
"datePublished": "2026-03-16T06:13:51.207Z",
"dateReserved": "2026-03-16T06:13:50.762Z",
"dateUpdated": "2026-03-16T14:40:37.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-5
Phase: Implementation
Strategy: Input Validation
Description:
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
- To reduce the likelihood of introducing an out-of-bounds read, ensure that you validate and ensure correct calculations for any length argument, buffer size calculation, or offset. Be especially careful of relying on a sentinel (i.e. special character such as NUL) in untrusted inputs.
Mitigation
Phase: Architecture and Design
Strategy: Language Selection
Description:
- Use a language that provides appropriate memory abstractions.
CAPEC-540: Overread Buffers
An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.