High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-15	CVE-2013-7087	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ClamAV before 0.97.7 has WWPack corrupt heap memory network low complexity clamav debian fedoraproject CWE-119	7.5
2019-11-07	CVE-2007-6745	clamav 0.91.2 suffers from a floating point exception when using ScanOLE2. network low complexity clamav debian	7.5
2019-11-06	CVE-2007-0899	Out-of-bounds Write vulnerability in multiple products There is a possible heap overflow in libclamav/fsg.c before 0.100.0. network low complexity clamav debian CWE-787	7.5
2019-04-08	CVE-2019-1785	Path Traversal vulnerability in Clamav 0.101.0/0.101.1 A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. local low complexity clamav CWE-22	7.8
2018-01-26	CVE-2017-12380	NULL Pointer Dereference vulnerability in multiple products ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. network low complexity debian clamav CWE-476	7.8
2018-01-26	CVE-2017-12378	Out-of-bounds Read vulnerability in multiple products ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. network debian clamav CWE-125	7.1
2018-01-26	CVE-2017-12375	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. network low complexity debian clamav CWE-119	7.8
2018-01-26	CVE-2017-12374	Use After Free vulnerability in multiple products The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. network low complexity debian clamav CWE-416	7.8
2015-02-03	CVE-2015-1462	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition." network low complexity fedoraproject clamav CWE-119	7.5
2015-02-03	CVE-2015-1461	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition." network low complexity fedoraproject clamav CWE-119	7.5