VYPR

Clam AntiVirus

by Clam AntiVirus

CVEs (7)

  • CVE-2022-20770HigMay 4, 2022
    risk 0.56cvss 8.6epss 0.07

    On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior…

  • CVE-2021-1405HigApr 8, 2021
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable…

  • CVE-2020-3350MedJun 18, 2020
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning…

  • CVE-2019-1787MedApr 8, 2019
    risk 0.36cvss 5.5epss 0.02

    A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is…

  • CVE-2004-0270Nov 23, 2004
    risk 0.04cvss epss 0.10

    libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.

  • CVE-2006-0162Jan 10, 2006
    risk 0.01cvss epss 0.10

    Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.

  • CVE-2004-1876Mar 30, 2004
    risk 0.00cvss epss 0.01

    The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.