Lucene search
K

22 matches found

OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-4146-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.0812EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2019:14231-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.0812EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2020:3790-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.0812EPSS
Exploits4References2
CBLMariner
CBLMariner
added 2021/05/06 11:56 p.m.22 views

CVE-2019-12625 affecting package clamav 0.101.2-3

CVE-2019-12625 affecting package clamav 0.101.2-3. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.4AI score0.0218EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2019:3066-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.0812EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/12/23 12:0 a.m.214 views

SUSE SLES12 Security Update : clamav (SUSE-SU-2020:3918-1)

This update for clamav fixes the following issues : clamav was updated to 0.103.0 to implement jscECO-3010 and bsc1118459. clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort. -...

9.8CVSS7.3AI score0.0812EPSS
Exploits1References25
OSV
OSV
added 2019/11/30 11:15 p.m.11 views

OPENSUSE-SU-2019:2597-1 Security update for clamav

This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files bsc1144504. - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors bsc1149458...

9.8CVSS8.7AI score0.0812EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/11/27 12:0 a.m.30 views

SUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2019:3066-1)

This update for clamav fixes the following issues : Security issue fixed : CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files bsc1144504. CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors bsc1149458. Non-securit...

9.8CVSS6.9AI score0.0812EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2019/11/05 6:15 p.m.10 views

CVE-2019-12625 ClamAV Zip Bomb Vulnerability

ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system...

7.5CVSS7.1AI score0.0218EPSS
Exploits0References3
CVE
CVE
added 2019/11/05 6:15 p.m.374 views

CVE-2019-12625

CVE-2019-12625 affects ClamAV versions prior to 0.101.3, exposing a Denial of Service via zip bombs. The issue stems from excessively long scan times caused by crafted ZIP data. Public references in the connected documents confirm the vulnerability and its remediation path, with fixes implemented...

7.5CVSS8.2AI score0.0218EPSS
Exploits0References3Affected Software1
Debian
Debian
added 2019/10/14 11:28 a.m.77 views

[SECURITY] [DLA 1953-2] clamav regression update

Package : clamav Version : 0.101.4+dfsg-0+deb8u2 CVE ID : CVE-2019-12625 CVE-2019-12900 Debian Bug : 942172 The update of clamav released as DLA 1953-1 led to permission issues on /var/run/clamav. This caused several users to experience issues restarting the clamav daemon. This regression is caus...

9.8CVSS8.8AI score0.0812EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/10/11 12:0 a.m.26 views

Debian: Security Advisory (DLA-1953-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.0812EPSS
Exploits0References3
Debian
Debian
added 2019/10/10 10:52 a.m.69 views

[SECURITY] [DLA 1953-1] clamav security update

Package : clamav Version : 0.101.4+dfsg-0+deb8u1 CVE ID : CVE-2019-12625 CVE-2019-12900 Debian Bug : 34359 It was discovered that clamav, the open source antivirus engine, is affected by the following security vulnerabilities: CVE-2019-12625 Denial of Service DoS vulnerability, resulting from...

9.8CVSS9.3AI score0.0812EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/10/03 2:21 p.m.288 views

USN-4146-2: ClamAV vulnerabilities

USN-4146-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled unpacking ZIP files. A remote attacker could possibly use this issue to cause...

9.8CVSS7.5AI score0.0812EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/10/03 12:0 a.m.41 views

Ubuntu: Security Advisory (USN-4146-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.0812EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/09/03 12:0 a.m.36 views

Fedora 29 : clamav (2019-aabcb53ec6)

ClamAV 0.101.4 is a security patch release that addresses the following issues. - An out of bounds write was possible within ClamAV's NSIS bzip2 library when attempting decompression in cases where the number of selectors exceeded the max limit set by the library CVE-2019-12900. The issue has bee...

9.8CVSS6.8AI score0.0812EPSS
Exploits0References3
ALT Linux
ALT Linux
added 2019/09/02 12:0 a.m.35 views

Security fix for the ALT Linux 10 package clamav version 0.101.4-alt1

Sept. 2, 2019 Sergey Y. Afonin 0.101.4-alt1 - 0.101.4 CVE-2019-12900, additional handling CVE-2019-12625 which has been mitigated in 0.101.3...

7.5CVSS8.7AI score0.0812EPSS
Exploits0
ALT Linux
ALT Linux
added 2019/09/02 12:0 a.m.43 views

Security fix for the ALT Linux 8 package clamav version 0.101.4-alt1

Sept. 2, 2019 Sergey Y. Afonin 0.101.4-alt1 - 0.101.4 CVE-2019-12900, additional handling CVE-2019-12625 which has been mitigated in 0.101.3...

7.5CVSS8.7AI score0.0812EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/26 12:0 a.m.29 views

Fedora 30 : clamav (2019-5c2dc50262)

ClamAV 0.101.4 is a security patch release that addresses the following issues. - An out of bounds write was possible within ClamAV's NSIS bzip2 library when attempting decompression in cases where the number of selectors exceeded the max limit set by the library CVE-2019-12900. The issue has bee...

9.8CVSS6.8AI score0.0812EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/08/26 12:0 a.m.51 views

FreeBSD : clamav -- multiple vulnerabilities (dbd1f627-c43b-11e9-a923-9c5c8e75236a)

Micah Snyder reports : - An out of bounds write was possible within ClamAV&s NSIS bzip2 library when attempting decompression in cases where the number of selectors exceeded the max limit set by the library CVE-2019-12900. The issue has been resolved by respecting that limit. - The zip bomb...

9.8CVSS6.7AI score0.0812EPSS
Exploits0References4
Rows per page
Query Builder