EUVD-2022-2654

Malicious code in bioql PyPI...

Exploit for Use After Free in Autodesk 3Ds_Max

CVE-2023-20052 CVE-2023-20052, information leak vulnerability...

Debian: Security Advisory (DLA-95-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2009-1270

libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service infinite loop via a crafted TAR file that causes 1 clamd and 2 clamscan to hang...

SUSE CVE-2013-6497

clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service crash as demonstrated by the jwplayer.js file...

GHSA-5V25-XR56-PHPH Clamscan vulnerable to command injection

clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the isclamavbinary function located within Index.js. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that wil...

Clamscan vulnerable to command injection

clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the isclamavbinary function located within Index.js. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that wil...

Command Injection in kylefarris/clamscan

Overview clamscan is a Use Node JS to scan files on your server with ClamAV's clamscan binary or clamdscan daemon. This is especially useful for scanning uploaded files provided by un-trusted sources. This package are vulnerable to Command Injection, itt is possible to inject arbitrary commands a...

ownCloud: Remote Code Execution through "Files_antivirus" plugin

Hi, I would like to report a Remote Code Execution in OwnCloud. The flaw is exploitable as an authenticated user and level of privileges required is "Administrator". Vulnerable component is the plugin "filesantivirus", freely downloadable via the market and available in owncloud github repository...

OS Command Injection

clamscan is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands on the system via the isclamavbinary function in index.js...

OS Command Injection

clamscan is vulnerable to OS Command Injection. The vulnerability exists through the isclamavbinary function in index.js...

Clamscan Injection Vulnerability

clamscan is a command line tool that is mainly used to scan files or directories for viruses. An injection vulnerability exists in the 'isclamavbinary' function in the Index.js file in clamscan 1.2.0 and earlier versions. An attacker can exploit this vulnerability by sending a specially crafted...

CVE-2020-7613

clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the isclamavbinary function located within Index.js. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that wil...

CVE-2020-7613

clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the isclamavbinary function located within Index.js. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that wil...

Command injection

clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the isclamavbinary function located within Index.js. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that wil...

CVE-2020-7613

clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the isclamavbinary function located within Index.js. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that wil...

CVE-2020-7613

CVE-2020-7613 affects clamscan up to 1.2.0 and is caused by a command-injection flaw in the _is_clamav_binary function within Index.js. The vulnerability permits injecting arbitrary commands, but exploitation in documented references notes a prerequisite: a folder must be created with the same co...

Command Injection

Overview clamscan is an Use Node JS to scan files on your server with ClamAV's clamscan binary or clamdscan daemon. This is especially useful for scanning uploaded files provided by un-trusted sources. Affected versions of this package are vulnerable to Command Injection. It is possible to inject...

openSUSE Security Update : clamav (openSUSE-2019-2595)

This update for clamav fixes the following issues : Security issue fixed : - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files bsc1144504. - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors bsc1149458...

openSUSE: Security Advisory for clamav (openSUSE-SU-2019:2597-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...