EUVD-2025-210134

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70....

CVE-2026-6676 Avira antivirus engine heap buffer OOB write when scanning a malformed POSIX tar archive

Heap buffer out-of-bounds write vulnerability in Avira Antivirus engine when scanning a malformed POSIX tar archive may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before...

CVE-2025-7018

CVE-2025-7018 is a null pointer dereference in Avira Antivirus engine when scanning malformed Windows PE files, potentially causing Denial-of-Service of the antivirus engine process. Affected product: Avira Antivirus across Windows, macOS, and Linux, with vulnerable engine builds prior to 8.3.70....

CVE-2025-7017 Avira antivirus engine heap buffer OOB read when scanning a malformed Windows MSI file

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows MSI file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before...

CVE-2025-7017

Affected product: Avira Antivirus engine. Vulnerability: heap buffer out-of-bounds read when scanning a malformed Windows MSI file. Root cause: out-of-bounds heap read in the engine (details not provided beyond the description). Impact: local code execution or denial-of-service of the antivirus e...

CVE-2025-7002 Avira antivirus engine heap buffer OOB read when scanning a malformed PDF file (variant 2)

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.68...

CVE-2025-7002

CVE-2025-7002 is a heap buffer out-of-bounds read vulnerability in the Avira Antivirus engine when scanning a malformed PDF, potentially allowing local code execution or crashing the antivirus process. Affected products are Avira Antivirus engines on Windows, macOS, and Linux with builds prior to...

PT-2026-49018

Name of the Vulnerable Software and Affected Versions Avira Antivirus versions prior to 8.3.70.64 Description A null pointer dereference occurs in the antivirus engine when scanning a malformed Windows PE Portable Executable file. This issue can lead to a Denial-of-Service of the antivirus engine...

EUVD-2023-51394

Malicious code in bioql PyPI...

CVE-2023-47263

Certain WithSecure products allow a Denial of Service DoS in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure...

CVE-2024-9481

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing...

CVE-2023-47263

Certain WithSecure products allow a Denial of Service DoS in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure...

CVE-2023-47263

Certain WithSecure products allow a Denial of Service DoS in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure...

CVE-2023-47263

Certain WithSecure products allow a Denial of Service DoS in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure...

Code injection

Certain WithSecure products allow a Denial of Service DoS in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure...

PT-2023-30399 · Withsecure · Withsecure Linux Protection +7

Name of the Vulnerable Software and Affected Versions: WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure...

CVE-2023-47263

Certain WithSecure products allow a Denial of Service DoS in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure...

WithSecure products Security breaches

WithSecure products is a line of security software from the Finnish company WithSecure. A security vulnerability exists in WithSecure products, which stems from a possible crash in the aeelf component crash, resulting in a denial of service DoS of the antivirus engine, affecting the following...

WithSecure Multiple Product Security Vulnerabilities

WithSecure products is a series of security software from the Finnish company WithSecure. WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and earlier. versions, WithSecure Client Security for Mac 15,...

PT-2022-5767 · Fortinet · Forticlient +2

Name of the Vulnerable Software and Affected Versions: FortiClient, FortiMail, and FortiOS AV engines versions 6.2.168 and below FortiClient, FortiMail, and FortiOS AV engines versions 6.4.274 and below Description: The issue is related to insufficient verification of data authenticity, which may...