Lucene search
K

168 matches found

OpenVAS
OpenVAS
added 2023/02/21 12:0 a.m.13 views

Debian: Security Advisory (DLA-3328-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.29314EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2023/02/21 12:0 a.m.30 views

Fedora 36 : clamav (2023-3ba365d538)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3ba365d538 advisory. - Fix daily.cvd file - Split out documentation into separate -doc sub-package - 2128276 Please port your pcre dependency to pcre2 - Explicit...

9.8CVSS8.6AI score0.29314EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2023/02/21 12:0 a.m.30 views

SUSE SLES12 Security Update : clamav (SUSE-SU-2023:0453-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0453-1 advisory. - CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser bsc1208363. - CVE-2023-20052: Fixed ...

9.8CVSS7.7AI score0.29314EPSS
Exploits5References7
Veracode
Veracode
added 2023/02/18 7:14 a.m.27 views

Information Disclosure

clamav is vulnerable to Information Disclosure. A vulnerability in the DMG file parser could allow an unauthenticated, remote attacker to access sensitive information on an affected device...

5.3CVSS7AI score0.06675EPSS
Exploits5References4Affected Software1
UbuntuCve
UbuntuCve
added 2023/02/17 12:0 a.m.54 views

CVE-2023-20052

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on a...

5.3CVSS7AI score0.06675EPSS
Exploits5References3
OSV
OSV
added 2023/02/17 12:0 a.m.3 views

UBUNTU-CVE-2023-20052

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on a...

5.3CVSS6.8AI score0.06675EPSS
Exploits5References4
CVE
CVE
added 2023/02/16 3:26 p.m.216 views

CVE-2023-20052

CVE-2023-20052 affects ClamAV DMG file parser in versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. An unauthenticated attacker could exploit XML external entity substitution to cause an information leak by submitting a crafted DMG file to be scanned, potentially leaking by...

5.3CVSS6AI score0.06675EPSS
Exploits5References1Affected Software2
Cvelist
Cvelist
added 2023/02/16 3:26 p.m.25 views

CVE-2023-20052

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on a...

5.3CVSS7.3AI score0.06675EPSS
Exploits5References1
AlpineLinux
AlpineLinux
added 2023/02/16 3:26 p.m.60 views

CVE-2023-20052

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on a...

5.3CVSS7.3AI score0.06675EPSS
Exploits5
Debian CVE
Debian CVE
added 2023/02/16 3:26 p.m.48 views

CVE-2023-20052

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on a...

5.3CVSS7.3AI score0.06675EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2023/02/16 12:0 a.m.35 views

FreeBSD : clamav -- Multiple vulnerabilities (fd792048-ad91-11ed-a879-080027f5fec9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fd792048-ad91-11ed-a879-080027f5fec9 advisory. - On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A...

9.8CVSS8.3AI score0.29314EPSS
Exploits5References4
Cisco
Cisco
added 2023/02/15 4:0 p.m.88 views

ClamAV DMG File Parsing XML Entity Expansion Vulnerability Affecting Cisco Products: February 2023

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on a...

5.3CVSS7AI score0.06675EPSS
Exploits5References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:32 a.m.2 views

SUSE CVE-2014-0145

Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service crash or possibly execute arbitrary code via a large 1 L1 table in the qcow2snapshotloadtmp in the QCOW 2 block driver block/qcow2-snapshot.c or 2 uncompressed chunk, 3 chunk length...

7.8CVSS7.7AI score0.00508EPSS
Exploits1References5
FreeBSD
FreeBSD
added 2023/02/15 12:0 a.m.33 views

clamav -- Multiple vulnerabilities

Simon Scannell reports: CVE-2023-20032 Fixed a possible remote code execution vulnerability in the HFS+ file parser. CVE-2023-20052 Fixed a possible remote information leak vulnerability in the DMG file parser...

9.8CVSS8.1AI score0.29314EPSS
Exploits5References1
NVD
NVD
added 2022/11/01 8:15 p.m.17 views

CVE-2022-32905

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges...

7.8CVSS0.0028EPSS
Exploits0References1
Prion
Prion
added 2022/11/01 8:15 p.m.12 views

Code injection

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges...

4.4CVSS7.7AI score0.0028EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/11/01 12:0 a.m.61 views

CVE-2022-32905

CVE-2022-32905 affects macOS Ventura 13. It allows arbitrary code execution with system privileges when processing a maliciously crafted DMG file, due to insufficient validation of symlinks. The issue is fixed in macOS Ventura 13 via improved symlink validation; mitigation is to update to Ventura...

7.8CVSS8.1AI score0.0028EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/11/01 12:0 a.m.22 views

CVE-2022-32905

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges...

8.4AI score0.0028EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2022/07/13 8:51 a.m.31 views

Researchers Uncover New Variants of the ChromeLoader Browser Hijacking Malware

Cybersecurity researchers have uncovered new variants of the ChromeLoader information-stealing malware, highlighting its evolving feature set in a short span of time. Primarily used for hijacking victims' browser searches and presenting advertisements, ChromeLoader came to light in January 2022 a...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2022/05/31 11:38 a.m.38 views

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats

ChromeLoader may seem on the surface like a run-of-the-mill browser hijacker that merely redirects victims to advertisement websites. However, its use of PowerShell could pose a greater risk by leading to further and advanced malicious activity, such as the propagation of ransomware or spyware or...

7.3AI score
Exploits0References6
Rows per page
Query Builder