CVSS: 5.3EPSS: 3%CPEs: 14EXPL: 2CVE-2023-20052 – Ubuntu Security Notice USN-5887-1
https://notcve.org/view.php?id=CVE-2023-20052
15 Feb 2023 — On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be ... • https://github.com/nokn0wthing/CVE-2023-20052 • CWE-611: Improper Restriction of XML External Entity Reference CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 10.0EPSS: 6%CPEs: 18EXPL: 0CVE-2023-20032 – Ubuntu Security Notice USN-5887-1
https://notcve.org/view.php?id=CVE-2023-20032
15 Feb 2023 — On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by C... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-20792 – Gentoo Linux Security Advisory 202310-01
https://notcve.org/view.php?id=CVE-2022-20792
17 May 2022 — A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database fi... • https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-20785 – ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20785
04 May 2022 — On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information... • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20771 – ClamAV TIFF File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20771
04 May 2022 — On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional informa... • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html • CWE-399: Resource Management Errors •
CVSS: 8.6EPSS: 0%CPEs: 11EXPL: 0CVE-2022-20770 – ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022
https://notcve.org/view.php?id=CVE-2022-20770
04 May 2022 — On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information ... • https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 1CVE-2022-20698 – Clam AntiVirus (ClamAV) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20698
13 Jan 2022 — A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to... • https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-1386 – Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability
https://notcve.org/view.php?id=CVE-2021-1386
07 Apr 2021 — A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this vulnerability, the attacker would need valid credentials on the system. The vulnerability is due to insufficient validation of directory search paths at run time. An attacker could exploit this vulnerability by... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp-imm-dll-tu79hvkO • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2021-1405 – Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1405
07 Apr 2021 — A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, result... • https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-27506
https://notcve.org/view.php?id=CVE-2021-27506
19 Mar 2021 — The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1. El componente ClamAV Engine (versión 0.103.1 e inferior) incrustado en Storsmshield Network Security (SNS) está sujeto a DoS en caso de analizar archivos png malformados. Esto afecta a las versiones 9.1.0 a 9.1.11 de ... • https://advisories.stormshield.eu/2021-003 •