43 matches found
CVE-2026-20243
A flaw was found in ClamAV's ALZ file format parser. An unauthenticated, remote attacker can exploit this vulnerability by submitting a specially crafted ALZ Archived Link Zipped file for scanning. This improper handling of ALZ files can lead to memory corruption, causing the ClamAV scanning...
CVE-2026-20243
A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...
CVE-2026-20243
A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...
CVE-2026-20243
A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...
CVE-2026-20243 ClamAV ALZ Archive Processing Denial of Service Vulnerability
A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...
CVE-2026-20243
CVE-2026-20243 describes a DoS-style vulnerability in ClamAV caused by memory corruption during ALZ archive parsing. The issue stems from improper boundary checks for content in ALZ files, leading to an out-of-bounds buffer write when a crafted ALZ file is scanned by vulnerable ClamAV instances. ...
EUVD-2026-41086
A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...
PT-2026-54708
Name of the Vulnerable Software and Affected Versions ClamAV affected versions not specified Description An issue exists in the ALZ file format parser where improper boundary checks for content during scanning can lead to an out-of-bounds buffer write. A remote, unauthenticated attacker can explo...
EUVD-2005-4779
Malware in sbrugna...
EUVD-2006-0953
Malware in sbrugna...
Malicious code in @zalastax/nolb-alz (npm)
The package @zalastax/nolb-alz was found to contain malicious code...
MAL-2025-10654 Malicious code in @zalastax/nolb-alz (npm)
The package @zalastax/nolb-alz was found to contain malicious code...
Security update for clamav
This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. Start clamonacc with --fdpass to avoid errors due to clamd not being able to acce...
Security update for clamav
This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. Start clamonacc with --fdpass to avoid errors due to clamd not being able to acce...
Unalz 0.x Archive Filename Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15577/info The 'unalz' utility is prone to a buffer-overflow vulnerability. This issue is exposed when the application extracts an ALZ archive that contains a file with a long name. An attacker could exploit this...
Debian: Security Advisory (DSA-959-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-959-1 : unalz - buffer overflow
Ulf Harnhammar from the Debian Security Audit Project discovered that unalz, a decompressor for ALZ archives, performs insufficient bounds checking when parsing file names. This can lead to arbitrary code execution if an attacker provides a crafted ALZ archive. %NASLMINLEVEL 70300 C Tenable Netwo...
CVE-2005-4786
The CVE-2005-4786 issue is a buffer overflow in the ALZ archive decompression in vrAZMain.dll (version 5.8.22.137) used by HAURI antivirus products (ViRobot Expert 4.0, ViRobot Advanced Server, HAURI LiveCall). It can allow user‑assisted attackers to execute arbitrary code by processing an ALZ ar...
CVE-2005-4786
Buffer overflow in the archive decompression library vrAZMain.dll 5.8.22.137, as used in HAURI anti-virus products including 1 ViRobot Expert 4.0, 2 ViRobot Advanced Server, and 3 HAURI LiveCall, allows user-assisted attackers to execute arbitrary code via an ALZ archive containing a file with a...
CVE-2006-0950
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." dot dot sequences in a filename...