rpm package
opensuse/clamav&distro=openSUSE Leap 15.1
pkg:rpm/opensuse/clamav&distro=openSUSE%20Leap%2015.1
Vulnerabilities (14)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-3481 | — | < 0.103.0-lp151.2.12.1 | 0.103.0-lp151.2.12.1 | Jul 20, 2020 | A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. A | ||
| CVE-2020-3350 | — | < 0.103.0-lp151.2.12.1 | 0.103.0-lp151.2.12.1 | Jun 18, 2020 | A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning m | ||
| CVE-2020-3341 | — | < 0.103.0-lp151.2.12.1 | 0.103.0-lp151.2.12.1 | May 13, 2020 | A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. A | ||
| CVE-2020-3327 | — | < 0.103.0-lp151.2.12.1 | 0.103.0-lp151.2.12.1 | May 13, 2020 | A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacke | ||
| CVE-2020-3123 | — | < 0.103.0-lp151.2.12.1 | 0.103.0-lp151.2.12.1 | Feb 5, 2020 | A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds rea | ||
| CVE-2019-15961 | — | < 0.100.3-lp151.2.6.1 | 0.100.3-lp151.2.6.1 | Jan 15, 2020 | A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing rout | ||
| CVE-2019-1789 | — | < 0.103.0-lp151.2.12.1 | 0.103.0-lp151.2.12.1 | Nov 5, 2019 | ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking. | ||
| CVE-2019-12625 | — | < 0.100.3-lp151.2.3.1 | 0.100.3-lp151.2.3.1 | Nov 5, 2019 | ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system. | ||
| CVE-2019-12900 | — | < 0.100.3-lp151.2.3.1 | 0.100.3-lp151.2.3.1 | Jun 19, 2019 | BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. | ||
| CVE-2019-1798 | — | < 0.103.0-lp151.2.12.1 | 0.103.0-lp151.2.12.1 | Apr 8, 2019 | A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a l | ||
| CVE-2019-1788 | — | < 0.103.0-lp151.2.12.1 | 0.103.0-lp151.2.12.1 | Apr 8, 2019 | A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is d | ||
| CVE-2019-1787 | — | < 0.103.0-lp151.2.12.1 | 0.103.0-lp151.2.12.1 | Apr 8, 2019 | A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due | ||
| CVE-2019-1785 | — | < 0.103.0-lp151.2.12.1 | 0.103.0-lp151.2.12.1 | Apr 8, 2019 | A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error | ||
| CVE-2019-1786 | — | < 0.103.0-lp151.2.12.1 | 0.103.0-lp151.2.12.1 | Apr 8, 2019 | A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is d |
- CVE-2020-3481Jul 20, 2020affected < 0.103.0-lp151.2.12.1fixed 0.103.0-lp151.2.12.1
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. A
- CVE-2020-3350Jun 18, 2020affected < 0.103.0-lp151.2.12.1fixed 0.103.0-lp151.2.12.1
A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning m
- CVE-2020-3341May 13, 2020affected < 0.103.0-lp151.2.12.1fixed 0.103.0-lp151.2.12.1
A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. A
- CVE-2020-3327May 13, 2020affected < 0.103.0-lp151.2.12.1fixed 0.103.0-lp151.2.12.1
A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacke
- CVE-2020-3123Feb 5, 2020affected < 0.103.0-lp151.2.12.1fixed 0.103.0-lp151.2.12.1
A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds rea
- CVE-2019-15961Jan 15, 2020affected < 0.100.3-lp151.2.6.1fixed 0.100.3-lp151.2.6.1
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing rout
- CVE-2019-1789Nov 5, 2019affected < 0.103.0-lp151.2.12.1fixed 0.103.0-lp151.2.12.1
ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.
- CVE-2019-12625Nov 5, 2019affected < 0.100.3-lp151.2.3.1fixed 0.100.3-lp151.2.3.1
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.
- CVE-2019-12900Jun 19, 2019affected < 0.100.3-lp151.2.3.1fixed 0.100.3-lp151.2.3.1
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
- CVE-2019-1798Apr 8, 2019affected < 0.103.0-lp151.2.12.1fixed 0.103.0-lp151.2.12.1
A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a l
- CVE-2019-1788Apr 8, 2019affected < 0.103.0-lp151.2.12.1fixed 0.103.0-lp151.2.12.1
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is d
- CVE-2019-1787Apr 8, 2019affected < 0.103.0-lp151.2.12.1fixed 0.103.0-lp151.2.12.1
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due
- CVE-2019-1785Apr 8, 2019affected < 0.103.0-lp151.2.12.1fixed 0.103.0-lp151.2.12.1
A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error
- CVE-2019-1786Apr 8, 2019affected < 0.103.0-lp151.2.12.1fixed 0.103.0-lp151.2.12.1
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is d