cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-20290,https://securityvulnerability.io/vulnerability/CVE-2024-20290,ClamAV OLE2 File Format Parser Vulnerability Could Lead to Denial of Service,"A vulnerability exists in the OLE2 file format parser within ClamAV, allowing unauthenticated remote attackers to trigger a denial of service (DoS) on devices utilizing this software. This issue stems from an improper verification of end-of-string values during file scanning processes, leading to potential heap buffer over-reads. By submitting specially crafted files containing OLE2 content for scanning, an attacker could effectively terminate the ClamAV scanning service, which results in a DoS condition while simultaneously consuming the system's available resources. Immediate attention to affected versions is crucial to ensure operational integrity.",Cisco,"Cisco Secure Endpoint,Cisco Secure Endpoint Private Cloud Administration Portal,Cisco Secure Endpoint Private Cloud Console",7.5,HIGH,0.0009899999713525176,false,true,false,true,,false,false,2024-02-07T16:16:00.975Z,0
CVE-2023-20197,https://securityvulnerability.io/vulnerability/CVE-2023-20197,Denial of Service Vulnerability in ClamAV's HFS+ Filesystem Image Parser,"A flaw in the filesystem image parser for Hierarchical File System Plus (HFS+) in ClamAV allows an unauthenticated, remote attacker to potentially trigger a denial of service (DoS) condition. This vulnerability arises from an improper check for completion when decompressing a file, which can lead to an infinite loop scenario, making the affected software unresponsive. By submitting a specially crafted HFS+ filesystem image for scanning, an attacker can exploit this flaw, resulting in the ClamAV scanning process halting and consuming system resources, ultimately disrupting service availability. Further details can be found in the ClamAV blog and security advisories.",Cisco,"Cisco Secure Endpoint,Cisco Secure Endpoint Private Cloud Console",7.5,HIGH,0.001180000021122396,false,false,false,false,,false,false,2023-08-16T22:15:00.000Z,0