Vulnerabilities > Clamav

DATE CVE VULNERABILITY TITLE RISK
2022-01-14 CVE-2022-20698 Out-of-bounds Read vulnerability in multiple products
A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav debian canonical CWE-125
7.5
2021-04-08 CVE-2021-1405 Missing Initialization of Resource vulnerability in multiple products
A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav debian CWE-909
7.5
2021-04-08 CVE-2021-1404 Out-of-bounds Read vulnerability in Clamav 0.103.0/0.103.1
A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav CWE-125
7.5
2021-04-08 CVE-2021-1252 Infinite Loop vulnerability in Clamav 0.103.0/0.103.1
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav CWE-835
7.5
2021-03-19 CVE-2021-27506 The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files.
local
low complexity
netasq-project stormshield clamav
5.5
2020-07-20 CVE-2020-3481 NULL Pointer Dereference vulnerability in multiple products
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav debian canonical fedoraproject CWE-476
7.5
2020-02-05 CVE-2020-3123 Out-of-bounds Read vulnerability in multiple products
A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav canonical CWE-125
7.5
2020-01-15 CVE-2019-15961 Resource Exhaustion vulnerability in multiple products
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav cisco debian canonical CWE-400
6.5
2019-11-15 CVE-2013-7089 Information Exposure vulnerability in multiple products
ClamAV before 0.97.7: dbg_printhex possible information leak
network
low complexity
clamav debian fedoraproject CWE-200
7.5
2019-11-15 CVE-2013-7088 Classic Buffer Overflow vulnerability in multiple products
ClamAV before 0.97.7 has buffer overflow in the libclamav component
network
low complexity
clamav debian fedoraproject CWE-120
critical
9.8