The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.
|25586||Debian DSA-1320-1 : clamav - several vulnerabilities||Nessus||Debian Local Security Checks|
|25560||FreeBSD : clamav -- multiple vulnerabilities (903654bd-1927-11dc-b8a0-02e0185f8d72)||Nessus||FreeBSD Local Security Checks|
|25534||GLSA-200706-05 : ClamAV: Multiple Denials of Service||Nessus||Gentoo Local Security Checks|
|25432||Mandrake Linux Security Advisory : clamav (MDKSA-2007:115)||Nessus||Mandriva Local Security Checks|
|4075||ClamAV < 0.90.3 Multiple Vulnerabilities (deprecated)||Nessus Network Monitor||Web Clients|