318 matches found
CVE-2026-20214
A flaw was found in ClamAV. An unauthenticated, remote attacker could exploit a vulnerability in the FSG file format parser by submitting a specially crafted file for scanning. This improper handling of FSG files can lead to an out-of-bounds buffer write, causing memory corruption. A successful...
Linux Distros Unpatched Vulnerability : CVE-2026-20215
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded...
CVE-2026-20244
A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in DMG...
CVE-2026-20243
A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...
DEBIAN-CVE-2026-20213
A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE file...
CVE-2026-20216 ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability
A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerabilit...
CVE-2026-20216
A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerabilit...
CVE-2026-20213
A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE file...
PT-2026-54708
Name of the Vulnerable Software and Affected Versions ClamAV affected versions not specified Description An issue exists in the ALZ file format parser where improper boundary checks for content during scanning can lead to an out-of-bounds buffer write. A remote, unauthenticated attacker can explo...
Unity Linux 20.1060e / 20.1070e Security Update: clamav (UTSA-2026-017369)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017369 advisory. On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in...
Unity Linux 20.1060e / 20.1070e Security Update: clamav (UTSA-2026-017365)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017365 advisory. A vulnerability in the regex module used by the signature database load module of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and...
Amazon Linux 2 : clamav1.4, --advisory ALAS2-2026-3276 (ALAS-2026-3276)
The version of clamav1.4 installed on the remote host is prior to 1.4.4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3276 advisory. A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause ...
USN-8207-1 clamav vulnerability
It was discovered that ClamAV incorrectly handled certain HTML files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2026-20031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS conditi...
CVE-2026-20031
A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
CVE-2026-20031
A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
CVE-2026-20031
A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
ClamAV Cascading Style Sheets Image Parsing Error Handling Denial of Service Vulnerability
A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
PT-2026-7942
ClamAV ClamBC bytecode interpreter contains a vulnerability in function name processing that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious bytecode or cause unexpected behavior in...
CLEANSTART-2026-WX01708 vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device
Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. See references for individual vulnerability details...