Vulnerabilities > Clamav > High

DATE CVE VULNERABILITY TITLE RISK
2020-07-20 CVE-2020-3481 NULL Pointer Dereference vulnerability in multiple products
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav debian canonical fedoraproject CWE-476
7.5
2020-02-05 CVE-2020-3123 Out-of-bounds Read vulnerability in multiple products
A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav canonical CWE-125
7.5
2019-11-15 CVE-2013-7089 Information Exposure vulnerability in multiple products
ClamAV before 0.97.7: dbg_printhex possible information leak
network
low complexity
clamav debian fedoraproject CWE-200
7.5
2019-11-05 CVE-2019-1789 Out-of-bounds Read vulnerability in Clamav
ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability.
network
low complexity
clamav CWE-125
7.5
2019-11-05 CVE-2019-12625 Improper Resource Shutdown or Release vulnerability in Clamav
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.
network
low complexity
clamav CWE-404
7.5
2019-04-08 CVE-2019-1785 Path Traversal vulnerability in Clamav 0.101.0/0.101.1
A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
local
low complexity
clamav CWE-22
7.8
2018-01-26 CVE-2017-12380 NULL Pointer Dereference vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
debian clamav CWE-476
7.5
2018-01-26 CVE-2017-12376 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device.
local
low complexity
debian clamav CWE-119
7.8
2018-01-26 CVE-2017-12375 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
debian clamav CWE-119
7.5
2018-01-26 CVE-2017-12374 Use After Free vulnerability in multiple products
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
debian clamav CWE-416
7.5