rpm package

suse/clamav&distro=SUSE Linux Enterprise Server 12 SP5

pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Vulnerabilities (24)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-20506	—	< 0.103.12-3.33.1	0.103.12-3.33.1	Sep 4, 2024	A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attac
CVE-2024-20505	—	< 0.103.12-3.33.1	0.103.12-3.33.1	Sep 4, 2024	A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote atta
CVE-2023-40477	—	< 0.103.11-3.30.1	0.103.11-3.30.1	May 3, 2024	RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in tha
CVE-2023-20197	—	< 0.103.9-3.27.1	0.103.9-3.27.1	Aug 16, 2023	A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion
CVE-2023-20052	—	< 0.103.8-3.24.1	0.103.8-3.24.1	Feb 16, 2023	On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sens
CVE-2023-20032	—	< 0.103.8-3.24.1	0.103.8-3.24.1	Feb 16, 2023	On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to
CVE-2022-20792	—	< 0.103.6-3.18.1	0.103.6-3.18.1	Aug 10, 2022	A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly g
CVE-2022-20796	—	< 0.103.6-3.18.1	0.103.6-3.18.1	May 4, 2022	On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker t
CVE-2022-20785	—	< 0.103.6-3.18.1	0.103.6-3.18.1	May 4, 2022	On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior vers
CVE-2022-20771	—	< 0.103.6-3.18.1	0.103.6-3.18.1	May 4, 2022	On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior
CVE-2022-20770	—	< 0.103.6-3.18.1	0.103.6-3.18.1	May 4, 2022	On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versi
CVE-2022-20698	—	< 0.103.5-3.15.1	0.103.5-3.15.1	Jan 14, 2022	A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to imp
CVE-2021-1404	—	< 0.103.2-3.6.1	0.103.2-3.6.1	Apr 8, 2021	A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that
CVE-2021-1405	—	< 0.103.2-3.6.1	0.103.2-3.6.1	Apr 8, 2021	A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initi
CVE-2021-1252	—	< 0.103.2-3.6.1	0.103.2-3.6.1	Apr 8, 2021	A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling
CVE-2020-3481	—	< 0.103.0-3.3.1	0.103.0-3.3.1	Jul 20, 2020	A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. A
CVE-2020-3350	—	< 0.103.0-3.3.1	0.103.0-3.3.1	Jun 18, 2020	A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning m
CVE-2020-3341	—	< 0.103.0-3.3.1	0.103.0-3.3.1	May 13, 2020	A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. A
CVE-2020-3327	—	< 0.103.0-3.3.1	0.103.0-3.3.1	May 13, 2020	A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacke
CVE-2020-3123	—	< 0.103.0-3.3.1	0.103.0-3.3.1	Feb 5, 2020	A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds rea

CVE-2024-20506Sep 4, 2024
affected < 0.103.12-3.33.1fixed 0.103.12-3.33.1
A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attac
CVE-2024-20505Sep 4, 2024
affected < 0.103.12-3.33.1fixed 0.103.12-3.33.1
A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote atta
CVE-2023-40477May 3, 2024
affected < 0.103.11-3.30.1fixed 0.103.11-3.30.1
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in tha
CVE-2023-20197Aug 16, 2023
affected < 0.103.9-3.27.1fixed 0.103.9-3.27.1
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion
CVE-2023-20052Feb 16, 2023
affected < 0.103.8-3.24.1fixed 0.103.8-3.24.1
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sens
CVE-2023-20032Feb 16, 2023
affected < 0.103.8-3.24.1fixed 0.103.8-3.24.1
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to
CVE-2022-20792Aug 10, 2022
affected < 0.103.6-3.18.1fixed 0.103.6-3.18.1
A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly g
CVE-2022-20796May 4, 2022
affected < 0.103.6-3.18.1fixed 0.103.6-3.18.1
On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker t
CVE-2022-20785May 4, 2022
affected < 0.103.6-3.18.1fixed 0.103.6-3.18.1
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior vers
CVE-2022-20771May 4, 2022
affected < 0.103.6-3.18.1fixed 0.103.6-3.18.1
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior
CVE-2022-20770May 4, 2022
affected < 0.103.6-3.18.1fixed 0.103.6-3.18.1
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versi
CVE-2022-20698Jan 14, 2022
affected < 0.103.5-3.15.1fixed 0.103.5-3.15.1
A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to imp
CVE-2021-1404Apr 8, 2021
affected < 0.103.2-3.6.1fixed 0.103.2-3.6.1
A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that
CVE-2021-1405Apr 8, 2021
affected < 0.103.2-3.6.1fixed 0.103.2-3.6.1
A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initi
CVE-2021-1252Apr 8, 2021
affected < 0.103.2-3.6.1fixed 0.103.2-3.6.1
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling
CVE-2020-3481Jul 20, 2020
affected < 0.103.0-3.3.1fixed 0.103.0-3.3.1
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. A
CVE-2020-3350Jun 18, 2020
affected < 0.103.0-3.3.1fixed 0.103.0-3.3.1
A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning m
CVE-2020-3341May 13, 2020
affected < 0.103.0-3.3.1fixed 0.103.0-3.3.1
A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. A
CVE-2020-3327May 13, 2020
affected < 0.103.0-3.3.1fixed 0.103.0-3.3.1
A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacke
CVE-2020-3123Feb 5, 2020
affected < 0.103.0-3.3.1fixed 0.103.0-3.3.1
A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds rea

Page 1 of 2