11 matches found
CVE-2024-20328 affecting package clamav for versions less than 0.105.2-5
CVE-2024-20328 affecting package clamav for versions less than 0.105.2-5. A patched version of the package is available...
CVE-2024-20328 vulnerabilities
Vulnerabilities for packages: clamav...
AZL-35428 CVE-2024-20328 affecting package clamav for versions less than 0.105.2-5
A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary commands with the privileges of the application service account.The vulnerability is due to unsafe handling of file names. A local attacker could exploit this vulnerability by supplying a file nam...
CVE-2024-20328
A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary commands with the privileges of the application service account.The vulnerability is due to unsafe handling of file names. A local attacker could exploit this vulnerability by supplying a file nam...
CVE-2024-20328
CVE-2024-20328 affects the ClamAV VirusEvent feature, where unsafe handling of file names can allow a local attacker to inject and execute arbitrary commands with the privileges of the application service account (local vector, low complexity). The root cause is command-line sequence processing s...
Mageia: Security Advisory (MGASA-2024-0048)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6636-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 23.10 : ClamAV vulnerabilities (USN-6636-1)
The remote Ubuntu 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6636-1 advisory. It was discovered that ClamAV incorrectly handled parsing certain OLE2 files. A remote attacker could possibly use this issue to cause ClamAV to crash,...
USN-6636-1: ClamAV vulnerabilities
It was discovered that ClamAV incorrectly handled parsing certain OLE2 files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2024-20290 Amit Schendel discovered that the ClamAV ClamD service incorrectly handled the VirusEvent featur...
Fedora 38 : clamav (2024-c42cf0e576)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c42cf0e576 advisory. Update to 1.0.5 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...
CVE-2024-20328
creationtimestamp| type| source ---|---|--- 2024-02-09 17:21:56+00:00| seen| https://t.me/itsecnews/4100 2024-02-12 00:32:41+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/9952 2024-03-01 22:31:38+00:00| seen| https://t.me/ctinow/198034 2024-03-01 22:31:47+00:00| seen|...