Lucene search
K

43 matches found

RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-20243

A flaw was found in ClamAV's ALZ file format parser. An unauthenticated, remote attacker can exploit this vulnerability by submitting a specially crafted ALZ Archived Link Zipped file for scanning. This improper handling of ALZ files can lead to memory corruption, causing the ClamAV scanning...

7.5CVSS5.9AI score0.00389EPSS
Exploits0References4
NVD
NVD
added 5 days ago8 views

CVE-2026-20243

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...

7.5CVSS0.00389EPSS
Exploits0References1
Debian CVE
Debian CVE
added 5 days ago4 views

CVE-2026-20243

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...

7.5CVSS6AI score0.00389EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-20243

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...

7.5CVSS6AI score0.00389EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-20243 ClamAV ALZ Archive Processing Denial of Service Vulnerability

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...

7.5CVSS0.00389EPSS
Exploits0References1
CVE
CVE
added 5 days ago14 views

CVE-2026-20243

CVE-2026-20243 describes a DoS-style vulnerability in ClamAV caused by memory corruption during ALZ archive parsing. The issue stems from improper boundary checks for content in ALZ files, leading to an out-of-bounds buffer write when a crafted ALZ file is scanned by vulnerable ClamAV instances. ...

7.5CVSS6AI score0.00389EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-41086

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...

7.5CVSS6AI score0.00389EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 5 days ago4 views

PT-2026-54708

Name of the Vulnerable Software and Affected Versions ClamAV affected versions not specified Description An issue exists in the ALZ file format parser where improper boundary checks for content during scanning can lead to an out-of-bounds buffer write. A remote, unauthenticated attacker can explo...

7.8CVSS7.2AI score0.00389EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-4779

Malware in sbrugna...

4CVSS6.4AI score0.02908EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-0953

Malware in sbrugna...

2.6CVSS6.2AI score0.01669EPSS
Exploits0References11
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.1 views

Malicious code in @zalastax/nolb-alz (npm)

The package @zalastax/nolb-alz was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-10654 Malicious code in @zalastax/nolb-alz (npm)

The package @zalastax/nolb-alz was found to contain malicious code...

7.2AI score
Exploits0
SUSE Linux
SUSE Linux
added 2025/02/03 9:39 a.m.3 views

Security update for clamav

This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. Start clamonacc with --fdpass to avoid errors due to clamd not being able to acce...

8.7CVSS8.1AI score0.03312EPSS
Exploits0References30
SUSE Linux
SUSE Linux
added 2025/02/03 9:39 a.m.0 views

Security update for clamav

This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. Start clamonacc with --fdpass to avoid errors due to clamd not being able to acce...

8.7CVSS7.8AI score0.03312EPSS
Exploits0References34
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Unalz 0.x Archive Filename Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15577/info The 'unalz' utility is prone to a buffer-overflow vulnerability. This issue is exposed when the application extracts an ALZ archive that contains a file with a long name. An attacker could exploit this...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.19 views

Debian: Security Advisory (DSA-959-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.20436EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.31 views

Debian DSA-959-1 : unalz - buffer overflow

Ulf Harnhammar from the Debian Security Audit Project discovered that unalz, a decompressor for ALZ archives, performs insufficient bounds checking when parsing file names. This can lead to arbitrary code execution if an attacker provides a crafted ALZ archive. %NASLMINLEVEL 70300 C Tenable Netwo...

7.5CVSS5.6AI score0.20436EPSS
Exploits1References3
CVE
CVE
added 2006/04/19 4:0 p.m.38 views

CVE-2005-4786

The CVE-2005-4786 issue is a buffer overflow in the ALZ archive decompression in vrAZMain.dll (version 5.8.22.137) used by HAURI antivirus products (ViRobot Expert 4.0, ViRobot Advanced Server, HAURI LiveCall). It can allow user‑assisted attackers to execute arbitrary code by processing an ALZ ar...

4CVSS8.2AI score0.02908EPSS
Exploits0References9Affected Software3
Cvelist
Cvelist
added 2006/04/19 4:0 p.m.17 views

CVE-2005-4786

Buffer overflow in the archive decompression library vrAZMain.dll 5.8.22.137, as used in HAURI anti-virus products including 1 ViRobot Expert 4.0, 2 ViRobot Advanced Server, and 3 HAURI LiveCall, allows user-assisted attackers to execute arbitrary code via an ALZ archive containing a file with a...

7.8AI score0.02908EPSS
Exploits0References9
NVD
NVD
added 2006/03/13 7:34 p.m.12 views

CVE-2006-0950

unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." dot dot sequences in a filename...

2.6CVSS6.5AI score0.01669EPSS
Exploits0References10
Rows per page
Query Builder