Vulnerabilities > Clamav > Clamav > 0.85.0

DATE CVE VULNERABILITY TITLE RISK
2018-07-16 CVE-2018-0360 Integer Overflow or Wraparound vulnerability in multiple products
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file.
local
low complexity
clamav canonical debian CWE-190
5.5
5.5
2018-03-27 CVE-2018-0202 Out-of-bounds Read vulnerability in multiple products
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
local
low complexity
clamav canonical debian CWE-125
5.5
5.5
2018-01-26 CVE-2017-12380 NULL Pointer Dereference vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
debian clamav CWE-476
7.5
7.5
2018-01-26 CVE-2017-12379 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device.
network
low complexity
debian clamav CWE-119
critical
 9.8
9.8
2018-01-26 CVE-2017-12378 Out-of-bounds Read vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
local
low complexity
debian clamav CWE-125
5.5
5.5
2018-01-26 CVE-2017-12377 Out-of-bounds Read vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device.
network
low complexity
debian clamav CWE-125
critical
 9.8
9.8
2018-01-26 CVE-2017-12376 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device.
local
low complexity
debian clamav CWE-119
7.8
7.8
2018-01-26 CVE-2017-12375 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
debian clamav CWE-119
7.5
7.5
2018-01-26 CVE-2017-12374 Use After Free vulnerability in multiple products
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
debian clamav CWE-416
7.5
7.5
2016-10-03 CVE-2016-1372 Improper Access Control vulnerability in multiple products
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.
local
low complexity
clamav canonical CWE-284
5.5
5.5