Mageia: Security Advisory (MGASA-2023-0257)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : clamav (ALAS-2023-1820)

The version of clamav installed on the remote host is prior to 0.103.9-1.55. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1820 advisory. A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated,...

Amazon Linux 2023 : clamav, clamav-data, clamav-devel (ALAS2023-2023-331)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-331 advisory. A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected...

Important: clamav

Issue Overview: A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an incorrect check for completion when a...

OESA-2023-1558 clamav security update

Clam AntiVirus clamav is an open source antivirus engine for detecting trojans, viruses, malware and other malicious threats. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command...

OESA-2023-1560 clamav security update

Clam AntiVirus clamav is an open source antivirus engine for detecting trojans, viruses, malware and other malicious threats. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command...

OESA-2023-1559 clamav security update

Clam AntiVirus clamav is an open source antivirus engine for detecting trojans, viruses, malware and other malicious threats. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command...

OESA-2023-1540 clamav security update

Clam AntiVirus clamav is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command lin...

CVE-2021-46312

An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero...

CVE-2021-46310

An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero...

Fedora 38 : clamav (2023-bf72d8833e)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-bf72d8833e advisory. CVE-2023-20197 ClamAV File Scanning Infinite Loop Denial of Service Vulnerability Tenable has extracted the preceding description block directly fro...

UBUNTU-CVE-2023-20197

A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is...

CVE-2023-20197

A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is...

Race condition

A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is...

CVE-2023-20197

CVE-2023-20197 describes a DoS in ClamAV caused by the HFS+ filesystem image parser. The root cause is an incorrect completion-check during file decompression, which can trigger an infinite loop and make the ClamAV scanning process stop responding, consuming resources. Exploitation requires sendi...

Exploit for XML Entity Expansion in Cisco Secure_Endpoint

CVE-2023-20052 CVE-2023-20052, information leak vulnerability...

OESA-2023-1169 clamav security update

Clam AntiVirus clamav is an open source antivirus engine for detecting trojans, viruses, malware other malicious threats. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line...

SUSE CVE-2007-2788

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.120 and earlier...

SUSE CVE-2015-5162

The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service memory and disk consumption via a crafted disk image...

SUSE CVE-2016-5844

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service application crash via a crafted ISO file...