Vulnerabilities > Clamav

DATE CVE VULNERABILITY TITLE RISK
2021-04-08 CVE-2021-1405 Classic Buffer Overflow vulnerability in multiple products
A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav debian CWE-120
5.0
2021-04-08 CVE-2021-1252 Improper Input Validation vulnerability in Clamav 0.103.0/0.103.1
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav CWE-20
7.8
2021-03-19 CVE-2021-27506 The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. 4.3
2020-07-20 CVE-2020-3481 NULL Pointer Dereference vulnerability in Clamav
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav CWE-476
5.0
2020-02-05 CVE-2020-3123 Out-of-bounds Read vulnerability in Clamav 0.102.0/0.102.1
A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav CWE-125
5.0
2020-01-15 CVE-2019-15961 Resource Exhaustion vulnerability in multiple products
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
clamav cisco CWE-400
7.1
2019-11-15 CVE-2013-7089 Information Exposure vulnerability in multiple products
ClamAV before 0.97.7: dbg_printhex possible information leak
network
low complexity
clamav debian fedoraproject CWE-200
5.0
2019-11-15 CVE-2013-7088 Classic Buffer Overflow vulnerability in multiple products
ClamAV before 0.97.7 has buffer overflow in the libclamav component
network
low complexity
clamav debian fedoraproject CWE-120
7.5
2019-11-15 CVE-2013-7087 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ClamAV before 0.97.7 has WWPack corrupt heap memory
network
low complexity
clamav debian fedoraproject CWE-119
7.5
2019-11-07 CVE-2007-6745 clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.
network
low complexity
clamav debian
7.5