Lucene search
K

23 matches found

CloudLinux
CloudLinux
added 2024/09/03 5:50 p.m.28 views

clamav: Fix of 2 CVEs

Update to 0.103.11 - CVE-2023-20032: fix missing buffer size check that may result in a heap buffer overflow write - Don't apply clamav-check.patch and CVE-2022-20698.patch as they have already been applied in new 0.103.11 version - Don't apply clamav-clamonacc-service.patch since el6 doesn't...

9.8CVSS8AI score0.29314EPSS
Exploits1
OSV
OSV
added 2024/09/03 5:50 p.m.8 views

CLSA-2024-1725385588 clamav: Fix of 2 CVEs

Update to 0.103.11 - CVE-2023-20032: fix missing buffer size check that may result in a heap buffer overflow write - Don't apply clamav-check.patch and CVE-2022-20698.patch as they have already been applied in new 0.103.11 version - Don't apply clamav-clamonacc-service.patch since el6 doesn't...

9.8CVSS6AI score0.29314EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/10/27 12:0 a.m.72 views

QNAP QTS / QuTS hero Multiple Vulnerabilities in ClamAV (QSA-23-26)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by multiple vulnerabilities as referenced in the QSA-23-26 advisory. - A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7and earlier could allow an...

9.8CVSS8.3AI score0.29314EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2023/04/06 12:0 a.m.71 views

Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 38 / 9.0.0 < 9.0.0 Patch 31 Multiple Vulnerabilities in ClamAV

According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities in the bundled ClamAV package, including: - A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could...

9.8CVSS9.1AI score0.29314EPSS
Exploits0References5
ALT Linux
ALT Linux
added 2023/03/27 12:0 a.m.74 views

Security fix for the ALT Linux 8 package clamav version 0.103.8-alt1

0.103.8-alt1 built March 27, 2023 Sergey Y. Afonin in task 316773 March 9, 2023 Sergey Y. Afonin - 0.103.8 CVE-2023-20032, CVE-2023-20052...

7.5AI score0.29314EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.35 views

CBL Mariner 2.0 Security Update: clamav (CVE-2023-20032)

The version of clamav installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-20032 advisory. - On February 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A...

9.8CVSS9AI score0.29314EPSS
Exploits0References2
ALT Linux
ALT Linux
added 2023/03/17 12:0 a.m.93 views

Security fix for the ALT Linux 9 package clamav version 0.103.8-alt1

0.103.8-alt1 built March 17, 2023 Sergey Y. Afonin in task 316772 March 9, 2023 Sergey Y. Afonin - 0.103.8 CVE-2023-20032, CVE-2023-20052...

7.5AI score0.29314EPSS
Exploits5
ALT Linux
ALT Linux
added 2023/03/15 12:0 a.m.99 views

Security fix for the ALT Linux 10 package clamav version 0.103.8-alt1

0.103.8-alt1 built March 15, 2023 Sergey Y. Afonin in task 316417 March 9, 2023 Sergey Y. Afonin - 0.103.8 CVE-2023-20032, CVE-2023-20052...

7.5AI score0.29314EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2023/03/08 12:0 a.m.47 views

ClamAV < 0.103.8 / 0.104.x < 0.105.2 / 1.0.0 Multiple Vulnerabilities

According to its version, the ClamAV clamd antivirus daemon running on the remote host is prior to 0.103.8, 0.104.x prior to 0.105.2, or 1.0.0. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1...

9.8CVSS8.2AI score0.29314EPSS
Exploits5References3
OpenVAS
OpenVAS
added 2023/02/28 12:0 a.m.16 views

Ubuntu: Security Advisory (USN-5887-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.29314EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2023/02/27 12:0 a.m.26 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : ClamAV vulnerabilities (USN-5887-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5887-1 advisory. Simon Scannell discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use th...

9.8CVSS7.8AI score0.29314EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2023/02/23 12:0 a.m.53 views

Amazon Linux AMI : clamav (ALAS-2023-1694)

The version of clamav installed on the remote host is prior to 0.103.8-1.52. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1694 advisory. Possible remote code execution vulnerability in the ClamAV HFS+ file parser. The issue affects ClamAV versions 1.0.0 an...

9.8CVSS8.5AI score0.29314EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2023/02/23 12:0 a.m.106 views

Amazon Linux 2 : clamav (ALAS-2023-1964)

The version of clamav installed on the remote host is prior to 0.103.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1964 advisory. Possible remote code execution vulnerability in the ClamAV HFS+ file parser. The issue affects ClamAV versions 1.0.0 and...

9.8CVSS8.5AI score0.29314EPSS
Exploits5References6
OSV
OSV
added 2023/02/21 9:6 a.m.8 views

SUSE-SU-2023:0470-1 Security update for clamav

This update for clamav fixes the following issues: - CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser bsc1208363. - CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser bsc1208365...

9.8CVSS7.6AI score0.29314EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2023/02/21 12:0 a.m.30 views

SUSE SLES12 Security Update : clamav (SUSE-SU-2023:0453-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0453-1 advisory. - CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser bsc1208363. - CVE-2023-20052: Fixed ...

9.8CVSS7.7AI score0.29314EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2023/02/21 12:0 a.m.30 views

Fedora 36 : clamav (2023-3ba365d538)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3ba365d538 advisory. - Fix daily.cvd file - Split out documentation into separate -doc sub-package - 2128276 Please port your pcre dependency to pcre2 - Explicit...

9.8CVSS8.6AI score0.29314EPSS
Exploits5References3
Debian
Debian
added 2023/02/20 5:51 p.m.17 views

[SECURITY] [DLA 3328-1] clamav security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3328-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 20, 2023 https://wiki.debian.org/LTS -...

9.8CVSS9.1AI score0.29314EPSS
Exploits5
The Hacker News
The Hacker News
added 2023/02/17 5:46 a.m.5 views

Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software

Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 CVSS score: 9.8, the issue relates to a case of remote code execution residing in the HFS...

9.8CVSS9AI score0.29314EPSS
Exploits8
The Hacker News
The Hacker News
added 2023/02/17 5:46 a.m.66 views

Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software

Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 CVSS score: 9.8, the issue relates to a case of remote code execution residing in the HFS...

0.6AI score0.29314EPSS
Exploits8
CVE
CVE
added 2023/02/16 3:24 p.m.182 views

CVE-2023-20032

CVE-2023-20032 affects ClamAV HFS+ parser: vulnerable in versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier due to a missing buffer size check that can cause a heap buffer overflow. An unauthenticated, remote attacker could trigger arbitrary code execution with the ClamAV sc...

9.8CVSS9.6AI score0.29314EPSS
Exploits0References1Affected Software3
Rows per page
Query Builder