Lucene search
K

318 matches found

RedhatCVE
RedhatCVE
added 2026/07/03 1:20 p.m.8 views

CVE-2026-20214

A flaw was found in ClamAV. An unauthenticated, remote attacker could exploit a vulnerability in the FSG file format parser by submitting a specially crafted file for scanning. This improper handling of FSG files can lead to an out-of-bounds buffer write, causing memory corruption. A successful...

7.5CVSS7.2AI score0.00463EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-20215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded...

7.5CVSS7AI score0.00389EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 5:16 p.m.3 views

CVE-2026-20244

A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in DMG...

7.5CVSS6.1AI score
Exploits0References1
NVD
NVD
added 2026/07/01 5:16 p.m.19 views

CVE-2026-20243

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...

7.5CVSS0.00389EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 5:16 p.m.3 views

DEBIAN-CVE-2026-20213

A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE file...

7.5CVSS6AI score0.00463EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 4:27 p.m.39 views

CVE-2026-20216 ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability

A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerabilit...

7.5CVSS0.00389EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/07/01 4:27 p.m.5 views

CVE-2026-20216

A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerabilit...

7.5CVSS5.8AI score0.00389EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/07/01 4:27 p.m.10 views

CVE-2026-20213

A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE file...

7.5CVSS7.3AI score0.00463EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.5 views

PT-2026-54708

Name of the Vulnerable Software and Affected Versions ClamAV affected versions not specified Description An issue exists in the ALZ file format parser where improper boundary checks for content during scanning can lead to an out-of-bounds buffer write. A remote, unauthenticated attacker can explo...

7.8CVSS7.2AI score0.00463EPSS
Exploits0References40
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: clamav (UTSA-2026-017369)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017369 advisory. On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in...

7.8CVSS6.7AI score0.0663EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: clamav (UTSA-2026-017365)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017365 advisory. A vulnerability in the regex module used by the signature database load module of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and...

7.8CVSS6AI score0.00499EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.11 views

Amazon Linux 2 : clamav1.4, --advisory ALAS2-2026-3276 (ALAS-2026-3276)

The version of clamav1.4 installed on the remote host is prior to 1.4.4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3276 advisory. A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause ...

5.3CVSS5.4AI score0.00414EPSS
Exploits0References4
OSV
OSV
added 2026/04/27 11:51 a.m.10 views

USN-8207-1 clamav vulnerability

It was discovered that ClamAV incorrectly handled certain HTML files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...

5.3CVSS5.3AI score0.00414EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.60 views

Linux Distros Unpatched Vulnerability : CVE-2026-20031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS conditi...

5.3CVSS5.4AI score0.00414EPSS
Exploits0References3
NVD
NVD
added 2026/03/04 6:16 p.m.6 views

CVE-2026-20031

A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...

5.3CVSS0.00414EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 5:17 p.m.7 views

CVE-2026-20031

A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...

5.3CVSS6AI score0.00414EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/04 5:17 p.m.8 views

CVE-2026-20031

A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...

5.3CVSS5.8AI score0.00414EPSS
Exploits0
Cisco
Cisco
added 2026/03/04 4:0 p.m.10 views

ClamAV Cascading Style Sheets Image Parsing Error Handling Denial of Service Vulnerability

A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...

5.3CVSS6AI score0.00414EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.10 views

PT-2026-7942

ClamAV ClamBC bytecode interpreter contains a vulnerability in function name processing that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious bytecode or cause unexpected behavior in...

9.8CVSS5.6AI score0.00172EPSS
Exploits0References4
OSV
OSV
added 2026/02/06 1:10 a.m.13 views

CLEANSTART-2026-WX01708 vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device

Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. See references for individual vulnerability details...

9.8CVSS8.6AI score0.84841EPSS
Exploits16References73
Rows per page
Query Builder