Количество 8
Количество 8
BDU:2022-03420
Уязвимость пакета антивирусных программ ClamAV, связанная с переполнением буфера в куче, позволяющая нарушителю выполнить произвольный код
ROS-20220608-01
Множественные уязвимости ClamAV
CVE-2022-20792
A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user.
CVE-2022-20792
A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user.
CVE-2022-20792
A vulnerability in the regex module used by the signature database loa ...
GHSA-c59m-xfxc-m38p
A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user.
SUSE-SU-2022:1647-1
Security update for clamav
SUSE-SU-2022:1644-1
Security update for clamav
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2022-03420 Уязвимость пакета антивирусных программ ClamAV, связанная с переполнением буфера в куче, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 0% Низкий | больше 3 лет назад |
 | ROS-20220608-01 Множественные уязвимости ClamAV | больше 3 лет назад | ||
 | CVE-2022-20792 A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-20792 A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
| CVE-2022-20792 A vulnerability in the regex module used by the signature database loa ... | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
| GHSA-c59m-xfxc-m38p A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
 | SUSE-SU-2022:1647-1 Security update for clamav | больше 3 лет назад | ||
| SUSE-SU-2022:1644-1 Security update for clamav | больше 3 лет назад |
Уязвимостей на страницу