47 matches found
CVE-2024-20290
A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer...
CVE-2023-20212
A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a logic error in the memory management of an affected device. An attacker could exploit this vulnerability ...
ClamAV AutoIt Module Denial of Service Vulnerability
A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a logic error in the memory management of an affected device. An attacker could exploit this vulnerability ...
CVE-2021-1404
A vulnerability in the PDF parsing module in Clam AntiVirus ClamAV Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a hea...
CVE-2021-1404
A vulnerability in the PDF parsing module in Clam AntiVirus ClamAV Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a hea...
CVE-2021-1404
A vulnerability in the PDF parsing module in Clam AntiVirus ClamAV Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a hea...
CVE-2021-1405 Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability
A vulnerability in the email parsing module in Clam AntiVirus ClamAV Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may...
CVE-2021-1405 Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability
A vulnerability in the email parsing module in Clam AntiVirus ClamAV Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may...
CVE-2021-1252 Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus ClamAV Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in...
CVE-2020-3341
A vulnerability in the PDF archive parsing module in Clam AntiVirus ClamAV Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could...
CVE-2020-3327 ClamAV ARJ Archive Parsing Denial of Service Vulnerability
A vulnerability in the ARJ archive parsing module in Clam AntiVirus ClamAV Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit thi...
CVE-2020-3327
A vulnerability in the ARJ archive parsing module in Clam AntiVirus ClamAV Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit thi...
CVE-2020-3327
A vulnerability in the ARJ archive parsing module in Clam AntiVirus ClamAV Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit thi...
CVE-2020-3123
A vulnerability in the Data-Loss-Prevention DLP module in Clam AntiVirus ClamAV Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users tha...
CVE-2020-3123
A vulnerability in the Data-Loss-Prevention DLP module in Clam AntiVirus ClamAV Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users tha...
CVE-2020-3123
A vulnerability in the Data-Loss-Prevention DLP module in Clam AntiVirus ClamAV Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users tha...
Input validation
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of zip files. An...
CVE-2020-3134 Cisco Email Security Appliance Zip Decompression Engine Denial of Service Vulnerability
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of zip files. An...
Design/Logic Flaw
An issue was discovered in Heimdal PRO 2.2.190. As part of the scanning feature, a process called md.hs writes an executable called CS1.tmp to C:\windows\TEMP. Afterwards the executable is run. It is possible for an attacker to create the file first, let md.hs overwrite it, and then rewrite the...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...