cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-20290,https://securityvulnerability.io/vulnerability/CVE-2024-20290,ClamAV OLE2 File Format Parser Vulnerability Could Lead to Denial of Service,"A vulnerability exists in the OLE2 file format parser within ClamAV, allowing unauthenticated remote attackers to trigger a denial of service (DoS) on devices utilizing this software. This issue stems from an improper verification of end-of-string values during file scanning processes, leading to potential heap buffer over-reads. By submitting specially crafted files containing OLE2 content for scanning, an attacker could effectively terminate the ClamAV scanning service, which results in a DoS condition while simultaneously consuming the system's available resources. Immediate attention to affected versions is crucial to ensure operational integrity.",Cisco,"Cisco Secure Endpoint,Cisco Secure Endpoint Private Cloud Administration Portal,Cisco Secure Endpoint Private Cloud Console",7.5,HIGH,0.0009899999713525176,false,true,false,true,,false,false,2024-02-07T16:16:00.975Z,0
CVE-2023-20084,https://securityvulnerability.io/vulnerability/CVE-2023-20084,,"A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could exploit this vulnerability by persuading a user to put a malicious file into a specific folder and then persuading the user to execute the file within a limited time window. A successful exploit could allow the attacker to cause the endpoint software to fail to quarantine the malicious file or kill its process. Note: This vulnerability only applies to deployments that have the Windows Folder Redirection feature enabled.",Cisco,Cisco Secure Endpoint,4.4,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2023-11-22T17:15:00.000Z,0
CVE-2023-20212,https://securityvulnerability.io/vulnerability/CVE-2023-20212,Denial of Service Vulnerability in ClamAV's AutoIt Module,"A vulnerability exists in the AutoIt module of ClamAV that may allow unauthenticated remote attackers to trigger a denial of service condition. This flaw is caused by a logic error in memory management, enabling attackers to submit specially crafted AutoIt files for scanning. If successful, the exploit could lead to the ClamAV scanning process restarting unexpectedly, thereby disrupting services.",Cisco,Cisco Secure Endpoint,7.5,HIGH,0.0009800000116229057,false,false,false,false,,false,false,2023-08-18T20:15:00.000Z,0
CVE-2023-20197,https://securityvulnerability.io/vulnerability/CVE-2023-20197,Denial of Service Vulnerability in ClamAV's HFS+ Filesystem Image Parser,"A flaw in the filesystem image parser for Hierarchical File System Plus (HFS+) in ClamAV allows an unauthenticated, remote attacker to potentially trigger a denial of service (DoS) condition. This vulnerability arises from an improper check for completion when decompressing a file, which can lead to an infinite loop scenario, making the affected software unresponsive. By submitting a specially crafted HFS+ filesystem image for scanning, an attacker can exploit this flaw, resulting in the ClamAV scanning process halting and consuming system resources, ultimately disrupting service availability. Further details can be found in the ClamAV blog and security advisories.",Cisco,"Cisco Secure Endpoint,Cisco Secure Endpoint Private Cloud Console",7.5,HIGH,0.001180000021122396,false,false,false,false,,false,false,2023-08-16T22:15:00.000Z,0
CVE-2023-20032,https://securityvulnerability.io/vulnerability/CVE-2023-20032,Buffer Overflow Vulnerability in ClamAV Scanning Library Affecting Multiple Versions,"On February 15, 2023, a vulnerability was disclosed in the HFS+ partition file parser of ClamAV, enabling potential malicious exploitation. The flaw arises from a lack of buffer size verification, leading to the possibility of a heap buffer overflow. An attacker can exploit this vulnerability by submitting a specifically crafted HFS+ partition file for scanning. A successful attack could result in arbitrary code execution with the same privileges as the ClamAV scanning process, or it could crash the process entirely, causing a denial of service (DoS) situation. For further details, please refer to the ClamAV blog.",Cisco,"Cisco Secure Web Appliance,Cisco Secure Endpoint,Cisco Secure Endpoint Private Cloud Administration Portal",9.8,CRITICAL,0.003160000080242753,false,false,false,false,,false,false,2023-03-01T08:15:00.000Z,0
CVE-2023-20052,https://securityvulnerability.io/vulnerability/CVE-2023-20052,,"On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
  A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
  This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process.",Cisco,Cisco Secure Endpoint,5.3,MEDIUM,0.000859999970998615,false,false,false,true,true,false,false,2023-03-01T08:15:00.000Z,0