Filtered by vendor Clamav
Subscriptions
Filtered by product Clamav
Subscriptions
Total
93 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-3627 | 1 Clamav | 1 Clamav | 2025-04-11 | N/A |
| The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c. | ||||
| CVE-2011-2721 | 1 Clamav | 1 Clamav | 2025-04-11 | N/A |
| Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations. | ||||
| CVE-2011-1003 | 1 Clamav | 1 Clamav | 2025-04-11 | N/A |
| Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4479 | 1 Clamav | 1 Clamav | 2025-04-11 | N/A |
| Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability than CVE-2010-4260. | ||||
| CVE-2010-4261 | 1 Clamav | 1 Clamav | 2025-04-11 | N/A |
| Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-1419 | 2 Cat, Clamav | 2 Quick Heal, Clamav | 2025-04-11 | N/A |
| The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial [aliases] character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. | ||||
| CVE-2010-3434 | 1 Clamav | 1 Clamav | 2025-04-11 | N/A |
| Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1640 | 1 Clamav | 1 Clamav | 2025-04-11 | N/A |
| Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling. | ||||
| CVE-2010-4260 | 1 Clamav | 1 Clamav | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396." | ||||
| CVE-2013-2020 | 3 Canonical, Clamav, Suse | 3 Ubuntu Linux, Clamav, Linux Enterprise Server | 2025-04-11 | N/A |
| Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read. | ||||
| CVE-2010-1639 | 1 Clamav | 1 Clamav | 2025-04-11 | N/A |
| The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length. | ||||
| CVE-2010-1311 | 2 Clamav, Clamavs | 2 Clamav, Clamav | 2025-04-11 | N/A |
| The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-0098 | 2 Clamav, Clamavs | 2 Clamav, Clamav | 2025-04-11 | N/A |
| ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities. | ||||
| CVE-2013-2021 | 3 Canonical, Clamav, Suse | 3 Ubuntu Linux, Clamav, Linux Enterprise Server | 2025-04-11 | N/A |
| pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file. | ||||
| CVE-2012-1458 | 2 Clamav, Sophos | 2 Clamav, Sophos Anti-virus | 2025-04-11 | N/A |
| The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations. | ||||
| CVE-2009-1372 | 1 Clamav | 1 Clamav | 2025-04-09 | N/A |
| Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL. | ||||
| CVE-2008-0728 | 1 Clamav | 1 Clamav | 2025-04-09 | N/A |
| The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption." | ||||
| CVE-2009-1270 | 3 Canonical, Clamav, Debian | 3 Ubuntu Linux, Clamav, Debian Linux | 2025-04-09 | N/A |
| libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang. | ||||
| CVE-2009-1241 | 1 Clamav | 1 Clamav | 2025-04-09 | N/A |
| Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive. | ||||
| CVE-2008-6680 | 1 Clamav | 1 Clamav | 2025-04-09 | N/A |
| libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error. | ||||