Cisco Secure Endpoint vulnerabilities
9 known vulnerabilities affecting cisco/cisco_secure_endpoint.
Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH5MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2026-20031MEDIUMCVSS 5.3v7.0.5v6.2.19+160 more2026-03-04
CVE-2026-20031 [MEDIUM] CWE-248 CVE-2026-20031: A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthentic
A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit this vulnerability by submitting a crafted HTML fil
cvelistv5nvd
CVE-2025-20234HIGHCVSS 7.5v7.0.5v6.2.19+72 more2025-06-18
CVE-2025-20234 [MEDIUM] CWE-125 CVE-2025-20234: A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated,
A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF conte
cvelistv5nvd
CVE-2025-20128HIGHCVSS 7.5v7.0.5v6.2.19+53 more2025-01-22
CVE-2025-20128 [MEDIUM] CWE-122 CVE-2025-20128: A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allo
A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this
cvelistv5nvd
CVE-2024-20290HIGHCVSS 7.5v6.0.9v6.0.7+31 more2024-02-07
CVE-2024-20290 [HIGH] CWE-126 CVE-2024-20290: A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote atta
A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. An attacker could exploit this vulnerability
cvelistv5nvd
CVE-2023-20084MEDIUMCVSS 4.4v6.0.9v6.0.7+31 more2023-11-22
CVE-2023-20084 [MEDIUM] CWE-437 CVE-2023-20084: A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authent
A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could exploit this vulnerability by persuading a user to put a m
cvelistv5nvd
CVE-2023-20212HIGHCVSS 7.5vN/A2023-08-18
CVE-2023-20212 [HIGH] CWE-825 CVE-2023-20212: A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to ca
A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to a logic error in the memory management of an affected device. An attacker could exploit this vulnerability by submitting a crafted AutoIt file to be scanned by C
cvelistv5nvd
CVE-2023-20197HIGHCVSS 7.5v6.0.9v6.0.7+45 more2023-08-16
CVE-2023-20197 [HIGH] CWE-835 CVE-2023-20197: A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV co
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could
cvelistv5nvd
CVE-2023-20032CRITICALCVSS 9.8v6.1.9v6.2.5+20 more2023-03-01
CVE-2023-20032 [CRITICAL] CWE-120 CVE-2023-20032: On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
A vu
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.
This vulnerability is due to a missing buffer size
cvelistv5nvd
CVE-2023-20052MEDIUMCVSS 5.3v6.0.9v6.0.7+44 more2023-03-01
CVE-2023-20052 [MEDIUM] CWE-611 CVE-2023-20052: On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
A vu
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
This vulnerability is due to enabli
cvelistv5nvd