Vulnerabilities > Clamav
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-14 | CVE-2022-20698 | Out-of-bounds Read vulnerability in multiple products A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
2021-04-08 | CVE-2021-1405 | Missing Initialization of Resource vulnerability in multiple products A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
2021-04-08 | CVE-2021-1404 | Out-of-bounds Read vulnerability in Clamav 0.103.0/0.103.1 A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
2021-04-08 | CVE-2021-1252 | Infinite Loop vulnerability in Clamav 0.103.0/0.103.1 A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
2021-03-19 | CVE-2021-27506 | The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. | 5.5 |
2020-07-20 | CVE-2020-3481 | NULL Pointer Dereference vulnerability in multiple products A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
2020-02-05 | CVE-2020-3123 | Out-of-bounds Read vulnerability in multiple products A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
2020-01-15 | CVE-2019-15961 | Resource Exhaustion vulnerability in multiple products A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 6.5 |
2019-11-15 | CVE-2013-7089 | Information Exposure vulnerability in multiple products ClamAV before 0.97.7: dbg_printhex possible information leak | 7.5 |
2019-11-15 | CVE-2013-7088 | Classic Buffer Overflow vulnerability in multiple products ClamAV before 0.97.7 has buffer overflow in the libclamav component | 9.8 |