Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Clamav
(Clamav)Repositories |
• https://github.com/vrtadmin/clamav-devel
• https://github.com/Cisco-Talos/clamav-devel |
#Vulnerabilities | 89 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2008-09-11 | CVE-2008-3914 | Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c. | Clamav | N/A | ||
2019-04-08 | CVE-2019-1788 | A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected... | Clamav, Debian_linux, Leap | 5.5 | ||
2019-11-06 | CVE-2007-0899 | There is a possible heap overflow in libclamav/fsg.c before 0.100.0. | Clamav, Debian_linux | N/A | ||
2019-11-05 | CVE-2019-12625 | ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system. | Clamav | N/A | ||
2019-11-15 | CVE-2013-7089 | ClamAV before 0.97.7: dbg_printhex possible information leak | Clamav, Debian_linux, Fedora | N/A | ||
2019-11-15 | CVE-2013-7088 | ClamAV before 0.97.7 has buffer overflow in the libclamav component | Clamav, Debian_linux, Fedora | N/A | ||
2019-11-15 | CVE-2013-7087 | ClamAV before 0.97.7 has WWPack corrupt heap memory | Clamav, Debian_linux, Fedora | N/A | ||
2019-11-07 | CVE-2007-6745 | clamav 0.91.2 suffers from a floating point exception when using ScanOLE2. | Clamav, Debian_linux | N/A | ||
2019-11-05 | CVE-2019-1789 | ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking. | Clamav | N/A | ||
2018-10-15 | CVE-2018-15378 | A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file. | Ubuntu_linux, Clamav, Debian_linux | 5.5 |