Lucene search
+L

541 matches found

Vulnrichment
Vulnrichment
added 2022/05/04 5:5 p.m.15 views

CVE-2022-20770 ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

8.6CVSS6.7AI score0.0659EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2022/05/04 5:5 p.m.45 views

CVE-2022-20770

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

8.6CVSS7.8AI score0.0659EPSS
Exploits0
Cvelist
Cvelist
added 2022/05/04 5:5 p.m.19 views

CVE-2022-20770 ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

8.6CVSS8AI score0.0659EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2022/05/04 5:5 p.m.45 views

CVE-2022-20770

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

8.6CVSS7.5AI score0.0659EPSS
Exploits0
Cisco
Cisco
added 2022/05/04 4:0 p.m.28 views

ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: May 2022

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

8.6CVSS7.6AI score0.0659EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/05/04 12:0 a.m.36 views

clamav -- Multiple vulnerabilities

The ClamAV project reports: Fixed a possible double-free vulnerability in the OLE2 file parser. Issue affects versions 0.104.0 through 0.104.2. Issue identified by OSS-Fuzz. Fixed a possible infinite loop vulnerability in the CHM file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS...

8.6CVSS0.8AI score0.0663EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2022/04/18 5:8 p.m.422 views

Exploit for Out-of-bounds Write in 7-Zip

7-Zip CVE 2022-29072 - Powershell Detection/Mitigation...

7.8CVSS7.7AI score0.01536EPSS
Exploits8
ThreatPost
ThreatPost
added 2022/03/24 1:10 p.m.310 views

Microsoft Help Files Disguise Vidar Malware

Where’s the last place you’d expect to find malware? In an email from your mother? Embedded in software you trust and use everyday actually, that’s probably the first place you should look? How about in a technical documentation file? In a report published Thursday, Trustwave SpiderLabs revealed ...

8.6AI score
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.31 views

AlmaLinux 8 : libmspack (ALSA-2020:1686)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:1686 advisory. - libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile...

5.5CVSS6.5AI score0.01464EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/01/14 12:0 a.m.19 views

openSUSE 15 Security Update : libmspack (openSUSE-SU-2022:0069-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0069-1 advisory. - DISPUTED chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative...

5.3CVSS6.3AI score0.03284EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2021/08/26 12:0 a.m.57 views

Security update for libmspack (moderate)

openSUSE Security Update: Security update for libmspack Announcement ID: openSUSE-SU-2021:1200-1 Rating: moderate References: 1103032 Cross-References: CVE-2018-14679 CVE-2018-14681 CVE-2018-14682 CVSS scores: CVE-2018-14679 NVD : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-14679...

4.4CVSS7.8AI score0.03806EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/08/21 12:0 a.m.29 views

openSUSE 15 Security Update : libmspack (openSUSE-SU-2021:2802-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2802-1 advisory. - An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number...

8.8CVSS6.6AI score0.03806EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2012:0858-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.6AI score0.99809EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2021/02/17 4:31 p.m.192 views

Masslogger Swipes Outlook, Chrome Credentials

Cybercriminals are targeting Windows users with a new variant of the Masslogger trojan, which is spyware designed to swipe victims’ credentials from Microsoft Outlook, Google Chrome and various instant-messenger accounts. Researchers uncovered the campaign targeting users in Italy, Latvia and...

0.3AI score
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.23 views

SUSE SLES12 Security Update : libmspack (SUSE-SU-2020:2711-1)

This update for libmspack fixes the following issues : Security issues fixed : CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file which could have led to information disclosure bsc1141680. CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal...

6.5CVSS6.9AI score0.03086EPSS
Exploits2References11
RedHat Linux
RedHat Linux
added 2020/09/29 8:4 p.m.32 views

Moderate: Red Hat Security Advisory: okular security update

An update for okular is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.8CVSS6.2AI score0.01452EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2020/06/07 9:37 p.m.9 views

chm-montalivet.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1188384 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Exploits0
Veracode
Veracode
added 2020/05/10 11:23 p.m.24 views

Arbitrary Code Execution

libmspack is vulnerable to arbitrary code execution. The vulnerability exists as mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a...

7.8CVSS8.2AI score0.01976EPSS
Exploits0References6Affected Software1
RedHat Linux
RedHat Linux
added 2020/04/28 3:30 p.m.7 views

libmspack: buffer overflow in function chmd_read_headers()

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

5.5CVSS7.2AI score0.01464EPSS
Exploits1References4
Microsoft KB
Microsoft KB
added 2020/04/09 12:0 a.m.11 views

CHM file freezes when you enter characters in Search box on the Index tab in Windows 8.1 or Windows Server 2012 R2

CHM file freezes when you enter characters in Search box on the Index tab in Windows 8.1 or Windows Server 2012 R2 This article describes an issue that occurs when you enter characters in the Search box on the Index tab in a Compiled HTML Help .chm file in Windows 8.1, Windows RT 8.1, or Windows...

6.2AI score
Exploits0
Rows per page
Query Builder