Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
clamav vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-11423
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.
Libmspack Project Libmspack 0.5
5.5
CVSSv3
CVE-2016-1371
ClamAV (aka Clam AntiVirus) prior to 0.99.2 allows remote malicious users to cause a denial of service (application crash) via a crafted mew packer executable.
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Clamav Clamav
5.5
CVSSv3
CVE-2016-1372
ClamAV (aka Clam AntiVirus) prior to 0.99.2 allows remote malicious users to cause a denial of service (application crash) via a crafted 7z file.
Clamav Clamav
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
5.3
CVSSv3
CVE-2023-20052
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and previous versions, 0.105.1 and previous versions, and 0.103.7 and previous versions could allow an unauthenticated, remot...
Cisco Secure Endpoint Private Cloud
Cisco Secure Endpoint
Clamav Clamav 1.0.0
Clamav Clamav
Stormshield Stormshield Network Security
3 Github repositories
1 Article
4.3
CVSSv3
CVE-2018-18585
chmd_read_headers in mspack/chmd.c in libmspack prior to 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).
Kyzer Libmspack 0.7
Kyzer Libmspack 0.6
Kyzer Libmspack 0.5
Kyzer Libmspack 0.4
Kyzer Libmspack 0.3
Debian Debian Linux 8.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 12
Starwindsoftware Starwind Virtual San -
3.3
CVSSv3
CVE-2018-20873
cPanel prior to 74.0.8 allows local users to disable the ClamAV daemon (SEC-409).
Cpanel Cpanel
3.3
CVSSv3
CVE-2018-0361
ClamAV prior to 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.
Clamav Clamav
Debian Debian Linux 8.0
NA
CVE-2024-20380
A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an issue in the C to Rust foreign function interface. An attacker could exploit this ...
NA
CVE-2024-20328
A vulnerability in the VirusEvent feature of ClamAV could allow a local malicious user to inject arbitrary commands with the privileges of the application service account.The vulnerability is due to unsafe handling of file names. A local attacker could exploit this vulnerability ...
NA
CVE-2015-2170
The upx decoder in ClamAV prior to 0.98.7 allows remote malicious users to cause a denial of service (crash) via a crafted file.
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Clamav Clamav
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »