cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-20290,https://securityvulnerability.io/vulnerability/CVE-2024-20290,ClamAV OLE2 File Format Parser Vulnerability Could Lead to Denial of Service,"A vulnerability exists in the OLE2 file format parser within ClamAV, allowing unauthenticated remote attackers to trigger a denial of service (DoS) on devices utilizing this software. This issue stems from an improper verification of end-of-string values during file scanning processes, leading to potential heap buffer over-reads. By submitting specially crafted files containing OLE2 content for scanning, an attacker could effectively terminate the ClamAV scanning service, which results in a DoS condition while simultaneously consuming the system's available resources. Immediate attention to affected versions is crucial to ensure operational integrity.",Cisco,"Cisco Secure Endpoint,Cisco Secure Endpoint Private Cloud Administration Portal,Cisco Secure Endpoint Private Cloud Console",7.5,HIGH,0.0009899999713525176,false,true,false,true,,false,false,2024-02-07T16:16:00.975Z,0
CVE-2023-20032,https://securityvulnerability.io/vulnerability/CVE-2023-20032,Buffer Overflow Vulnerability in ClamAV Scanning Library Affecting Multiple Versions,"On February 15, 2023, a vulnerability was disclosed in the HFS+ partition file parser of ClamAV, enabling potential malicious exploitation. The flaw arises from a lack of buffer size verification, leading to the possibility of a heap buffer overflow. An attacker can exploit this vulnerability by submitting a specifically crafted HFS+ partition file for scanning. A successful attack could result in arbitrary code execution with the same privileges as the ClamAV scanning process, or it could crash the process entirely, causing a denial of service (DoS) situation. For further details, please refer to the ClamAV blog.",Cisco,"Cisco Secure Web Appliance,Cisco Secure Endpoint,Cisco Secure Endpoint Private Cloud Administration Portal",9.8,CRITICAL,0.003160000080242753,false,false,false,false,,false,false,2023-03-01T08:15:00.000Z,0