Vulnerabilities > Clamav

DATE CVE VULNERABILITY TITLE RISK
2018-10-15 CVE-2018-15378 Out-of-bounds Read vulnerability in multiple products
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition.
local
low complexity
clamav debian canonical CWE-125
5.5
5.5
2018-07-16 CVE-2018-0361 Improper Input Validation vulnerability in multiple products
ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.
local
low complexity
clamav debian CWE-20
3.3
3.3
2018-07-16 CVE-2018-0360 Integer Overflow or Wraparound vulnerability in multiple products
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file.
local
low complexity
clamav canonical debian CWE-190
5.5
5.5
2018-03-27 CVE-2018-0202 Out-of-bounds Read vulnerability in multiple products
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
local
low complexity
clamav canonical debian CWE-125
5.5
5.5
2018-03-13 CVE-2018-1000085 Out-of-bounds Read vulnerability in multiple products
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains..
local
low complexity
clamav debian canonical CWE-125
5.5
5.5
2018-01-26 CVE-2017-12380 NULL Pointer Dereference vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
debian clamav CWE-476
7.5
7.5
2018-01-26 CVE-2017-12379 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device.
network
low complexity
debian clamav CWE-119
critical
 9.8
9.8
2018-01-26 CVE-2017-12378 Out-of-bounds Read vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
local
low complexity
debian clamav CWE-125
5.5
5.5
2018-01-26 CVE-2017-12377 Out-of-bounds Read vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device.
network
low complexity
debian clamav CWE-125
critical
 9.8
9.8
2018-01-26 CVE-2017-12376 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device.
local
low complexity
debian clamav CWE-119
7.8
7.8