Latest clamav clamav Vulnerabilities

CVE-2022-20803
A vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affecte...
Clamav Clamav>=0.104.0<0.104.3
CVE-2023-20052
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0....
Cisco Secure Endpoint<1.20.2
Cisco Secure Endpoint<1.21.1
Cisco Secure Endpoint<7.5.9
Cisco Secure Endpoint>=8.0.1.21160<8.1.5
Cisco Secure Endpoint Private Cloud<3.6.0
Clamav Clamav<=0.103.7
and 8 more
CVE-2023-20032
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earl...
Cisco Secure Endpoint<1.20.2
Cisco Secure Endpoint<1.21.1
Cisco Secure Endpoint<7.5.9
Cisco Secure Endpoint>=8.0.1.21160<8.1.5
Cisco Secure Endpoint Private Cloud<3.6.0
Cisco Web Security Appliance<12.5.6
and 12 more
CVE-2022-20792
A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an aut...
Clamav Clamav<=0.103.5
Clamav Clamav>=0.104.0<=0.104.2
CVE-2022-20785
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus ...
Clamav Clamav<0.103.5
Clamav Clamav<=0.103.5
Clamav Clamav>=0.104.0<0.104.2
Cisco Secure Endpoint<1.16.3
Cisco Secure Endpoint<1.17.2
Cisco Secure Endpoint<7.5.5
and 6 more
CVE-2022-20771
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVi...
Clamav Clamav<=0.103.5
Clamav Clamav>=0.104.0<=0.104.2
Cisco Secure Endpoint<1.16.3
Cisco Secure Endpoint<1.17.2
Cisco Secure Endpoint<7.5.5
Cisco Secure Endpoint>=1.18.0<1.18.2
and 5 more
CVE-2022-20796
On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103...
Clamav Clamav=0.103.4
Clamav Clamav=0.103.5
Clamav Clamav=0.104.1
Clamav Clamav=0.104.2
Cisco Secure Endpoint<1.16.3
Cisco Secure Endpoint<1.17.2
and 7 more
CVE-2022-20770
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (...
Clamav Clamav<=0.103.5
Clamav Clamav>=0.104.0<=0.104.2
Cisco Secure Endpoint<1.16.3
Cisco Secure Endpoint<1.17.2
Cisco Secure Endpoint<7.5.5
Cisco Secure Endpoint>=1.18.0<1.18.2
and 5 more
CVE-2022-20698
A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a de...
Clamav Clamav<0.103.5
Clamav Clamav>=0.104.0<0.104.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Canonical Ubuntu Linux=14.04
and 5 more
CVE-2021-1404
A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an ...
Clamav Clamav=0.103.0
Clamav Clamav=0.103.1
CVE-2021-1405
A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service cond...
Clamav Clamav<=0.103.1
Debian Debian Linux=9.0
CVE-2021-1252
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service cond...
Clamav Clamav=0.103.0
Clamav Clamav=0.103.1
CVE-2021-27506
The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 t...
Netasq Project Netasq>=9.1.0<=9.1.11
Stormshield Network Security>=1.0<=4.2.0
Clamav Clamav<=0.103.1
CVE-2020-3481
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition ...
Clamav Clamav>=0.102.0<=0.102.3
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=20.04
and 9 more
CVE-2020-3123
A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service c...
Clamav Clamav=0.102.0
Clamav Clamav=0.102.1
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
and 7 more
CVE-2013-7089
ClamAV before 0.97.7: dbg_printhex possible information leak
debian/clamav
Clamav Clamav<0.97.7
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=17
and 1 more
CVE-2013-7087
ClamAV before 0.97.7 has WWPack corrupt heap memory
debian/clamav
Clamav Clamav<0.97.7
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=17
and 1 more
CVE-2013-7088
ClamAV before 0.97.7 has buffer overflow in the libclamav component
debian/clamav
Clamav Clamav<0.97.7
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=17
and 1 more
CVE-2007-6745
clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.
Clamav Clamav=0.91.2
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
debian/clamav
CVE-2007-0899
There is a possible heap overflow in libclamav/fsg.c before 0.100.0.
Clamav Clamav<0.100.0
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
debian/clamav
CVE-2019-1789
ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL fi...
Clamav Clamav<0.101.2
CVE-2019-12625
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system...
Clamav Clamav<0.101.3
ubuntu/clamav<0.101.4+dfsg-0ubuntu0.18.04.1
ubuntu/clamav<0.101.4+dfsg-0ubuntu0.19.04.1
ubuntu/clamav<0.101.4+dfsg-0ubuntu0.14.04.1+
ubuntu/clamav<0.101.4+dfsg-0ubuntu0.16.04.1
ubuntu/clamav<0.101.4
and 1 more
CVE-2019-1788
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to c...
Clamav Clamav<=0.101.1
openSUSE Leap=15.0
openSUSE Leap=42.3
Debian Debian Linux=8.0
CVE-2019-1786
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a...
Clamav Clamav=0.101.0
Clamav Clamav=0.101.1
CVE-2019-1787
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a d...
Clamav Clamav<=0.101.1
Debian Debian Linux=8.0
openSUSE Leap=15.0
openSUSE Leap=42.3
CVE-2018-15378
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "u...
Clamav Clamav<0.100.2
Debian Debian Linux=8.0
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
and 5 more
CVE-2018-0360
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.
debian/clamav
ubuntu/clamav<0.100.1+dfsg-1ubuntu0.18.04.1
ubuntu/clamav<0.100.1+dfsg-1ubuntu0.14.04.1
ubuntu/clamav<0.100.1+dfsg-1
ubuntu/clamav<0.100.1+dfsg-1ubuntu0.16.04.1
Clamav Clamav<0.100.1
and 5 more
CVE-2018-0361
ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.
debian/clamav
ubuntu/clamav<0.100.1+dfsg-1ubuntu0.18.04.1
ubuntu/clamav<0.100.1+dfsg-1ubuntu0.14.04.1
ubuntu/clamav<0.100.1+dfsg-1
ubuntu/clamav<0.100.1+dfsg-1ubuntu0.16.04.1
Clamav Clamav<0.100.1
and 1 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203