Cisco Secure Endpoint Private Cloud Console vulnerabilities

CVE-2024-20290 [HIGH] CWE-126 CVE-2024-20290: A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote atta A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. An attacker could exploit this vulnerability

CVE-2023-20197 [HIGH] CWE-835 CVE-2023-20197: A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV co A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could