cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20506,https://securityvulnerability.io/vulnerability/CVE-2024-20506,Clam AntiVirus Vulnerability in ClamD Service Module Allows File Corruption,"A significant security risk has been identified within the ClamD service module of Clam AntiVirus (ClamAV) which affects various versions including 1.4.0 and earlier. This vulnerability permits an authenticated, local attacker to potentially corrupt critical system files. The flaw arises from the ClamD process's ability to write to its log file while running with elevated privileges without verifying whether the log file has been replaced with a symbolic link. By substituting the ClamD log file with a symlink pointing to a vital system file, an attacker can exploit the vulnerability when the ClamD process is restarted, leading to unauthorized appending of log messages. This could endanger the integrity of essential system files, highlighting the importance of applying recommended security patches and conducting regular system audits.",Cisco,Clamav,6.1,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-04T22:15:00.000Z,0
CVE-2024-20505,https://securityvulnerability.io/vulnerability/CVE-2024-20505,ClamAV Vulnerability Could Lead to Denial of Service,"A vulnerability exists in the PDF parsing module of Clam AntiVirus, affecting various older versions including 1.4.0, 1.3.2, and several prior releases. This issue is due to an out of bounds read that could potentially allow an unauthenticated remote attacker to submit specially crafted PDF files to be scanned. When exploited, this vulnerability may lead to a denial of service (DoS) condition, causing affected devices to terminate their scanning processes unexpectedly, thereby compromising the integrity of the antivirus service.",Cisco,Clamav,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-09-04T22:15:00.000Z,0
CVE-2024-20328,https://securityvulnerability.io/vulnerability/CVE-2024-20328,ClamAV Vulnerability Could Allow Arbitrary Command Execution,"A vulnerability in the VirusEvent feature of ClamAV allows a local attacker to inject arbitrary commands with the application service account privileges due to unsafe handling of file names. The vulnerability affects multiple versions of ClamAV and can be exploited by configuring the VirusEvent feature in the conf file. The exploitation of this vulnerability has not been reported in the wild, and ClamAV has released software updates to address this issue. The vulnerability allows users to execute commands in the context of the user running the ClamAV application, making it crucial to update to the fixed versions of the software to mitigate the risk.",Cisco,Clamav,5.3,MEDIUM,0.0004299999854993075,false,,true,false,false,,,false,false,,2024-03-01T20:48:15.328Z,0
CVE-2022-20803,https://securityvulnerability.io/vulnerability/CVE-2022-20803,ClamAV Double-free Vulnerability in the OLE2 File Parser,"Clam AntiVirus versions 0.104.0 through 0.104.2 contain a vulnerability in the OLE2 file parser that may be exploited by unauthenticated remote attackers. By crafting a malicious OLE2 file and submitting it for scanning, an attacker can trigger a double-free condition due to improper handling of the realloc function, resulting in a crash of the scanning process. This could lead to a denial of service, disrupting the functionality of ClamAV on the affected device.",Cisco,Clamav,8.6,HIGH,0.0021100000012665987,false,,false,false,false,,,false,false,,2023-02-17T00:00:00.000Z,0
CVE-2022-20792,https://securityvulnerability.io/vulnerability/CVE-2022-20792,Heap Buffer Overflow in ClamAV Affects Local Users,"A vulnerability exists in the regex module used by the Clam AntiVirus signature database load module, allowing an authenticated local attacker to potentially crash the service and execute arbitrary code. This arises from improper bounds checking leading to a multi-byte heap buffer overflow. By placing a maliciously crafted CDB signature database file in the ClamAV database directory, an attacker can exploit the flaw, potentially gaining the ability to run code as the clamav user, threatening system integrity.",Cisco,Clam Antivirus (clamav),7.8,HIGH,0.0007300000288523734,false,,false,false,false,,,false,false,,2022-05-04T00:00:00.000Z,0
CVE-2022-20698,https://securityvulnerability.io/vulnerability/CVE-2022-20698,Clam AntiVirus (ClamAV) Denial of Service Vulnerability,"A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.",Cisco,Clamav,7.5,HIGH,0.002309999894350767,false,,false,false,true,2024-08-03T03:15:37.000Z,,false,false,,2022-01-14T00:00:00.000Z,0
CVE-2021-1404,https://securityvulnerability.io/vulnerability/CVE-2021-1404,Clam AntiVirus (ClamAV) Email Parser Denial of Service Vulnerability,"A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.",Cisco,Clamav,7.5,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2021-04-08T00:00:00.000Z,0
CVE-2021-1405,https://securityvulnerability.io/vulnerability/CVE-2021-1405,Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability,"A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.",Cisco,Clamav,7.5,HIGH,0.005690000019967556,false,,false,false,false,,,false,false,,2021-04-08T00:00:00.000Z,0
CVE-2021-1252,https://securityvulnerability.io/vulnerability/CVE-2021-1252,Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability,"A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.",Cisco,Clamav,7.5,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2021-04-08T00:00:00.000Z,0
CVE-2020-3481,https://securityvulnerability.io/vulnerability/CVE-2020-3481,Clam AntiVirus (ClamAV) Software Null Pointer Dereference Vulnerability,"A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.",Cisco,Clamav,7.5,HIGH,0.019680000841617584,false,,false,false,false,,,false,false,,2020-07-20T00:00:00.000Z,0
CVE-2020-3327,https://securityvulnerability.io/vulnerability/CVE-2020-3327,ClamAV ARJ Archive Parsing Denial of Service Vulnerability,"A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.",Cisco,Clamav,7.5,HIGH,0.006390000227838755,false,,false,false,false,,,false,false,,2020-05-13T03:15:00.000Z,0
CVE-2020-3341,https://securityvulnerability.io/vulnerability/CVE-2020-3341,ClamAV PDF Parsing Denial of Service Vulnerability,"A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.",Cisco,Clamav,7.5,HIGH,0.005179999861866236,false,,false,false,false,,,false,false,,2020-05-13T03:15:00.000Z,0
CVE-2020-3123,https://securityvulnerability.io/vulnerability/CVE-2020-3123,,"A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.",Cisco,Clamav,7.5,HIGH,0.024080000817775726,false,,false,false,false,,,false,false,,2020-02-05T00:00:00.000Z,0
CVE-2019-1789,https://securityvulnerability.io/vulnerability/CVE-2019-1789,ClamAV Denial of Service Vulnerability,ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.,Cisco,Clamav,7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2019-11-05T18:25:34.000Z,0
CVE-2019-12625,https://securityvulnerability.io/vulnerability/CVE-2019-12625,ClamAV Zip Bomb Vulnerability,ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.,Cisco,Clamav,7.5,HIGH,0.003800000064074993,false,,false,false,false,,,false,false,,2019-11-05T18:15:36.000Z,0
CVE-2019-1798,https://securityvulnerability.io/vulnerability/CVE-2019-1798,Clam AntiVirus PE File Out-of-Bounds Read Vulnerability,"A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected device. An attacker could exploit this vulnerability by sending malformed PE files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.",Cisco,Clamav,7.5,HIGH,0.0014400000218302011,false,,false,false,true,2024-08-04T19:16:11.000Z,,false,false,,2019-04-08T19:30:17.000Z,0
CVE-2019-1788,https://securityvulnerability.io/vulnerability/CVE-2019-1788,ClamAV OLE2 File Out-Of-Bounds Write Vulnerability,"A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device.",Cisco,Clamav,7.5,HIGH,0.042089998722076416,false,,false,false,true,2024-08-04T19:16:10.000Z,,false,false,,2019-04-08T19:15:18.000Z,0
CVE-2019-1787,https://securityvulnerability.io/vulnerability/CVE-2019-1787,Clam AntiVirus PDF Denial of Service Vulnerability,"A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.",Cisco,Clamav,7.5,HIGH,0.004480000119656324,false,,false,false,true,2024-08-04T19:16:10.000Z,,false,false,,2019-04-08T19:10:16.000Z,0
CVE-2019-1785,https://securityvulnerability.io/vulnerability/CVE-2019-1785,Clam AntiVirus RAR Directory Traversal Vulnerability,"A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system.",Cisco,Clamav,9.8,CRITICAL,0.001069999998435378,false,,false,false,true,2024-08-04T19:16:10.000Z,,false,false,,2019-04-08T19:05:21.000Z,0
CVE-2019-1786,https://securityvulnerability.io/vulnerability/CVE-2019-1786,Clam AntiVirus PDF Out-of-Bounds Read Vulnerability,"A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.",Cisco,Clamav,7.5,HIGH,0.0033599999733269215,false,,false,false,true,2024-08-04T19:16:10.000Z,,false,false,,2019-04-08T19:05:14.000Z,0
CVE-2018-15378,https://securityvulnerability.io/vulnerability/CVE-2018-15378,Clam AntiVirus unmew11() Denial of Service Vulnerability,"A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the ""unmew11()"" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file.",Cisco,Clamav,5.5,MEDIUM,0.0016199999954551458,false,,false,false,false,,,false,false,,2018-10-15T17:29:00.000Z,0