306 matches found
CVE-2025-20260 ClamAV PDF Scanning Buffer Overflow Vulnerability
A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service DoS condition, or execute arbitrary code on an affected device. This vulnerability exists because memory buffers are allocated...
CVE-2025-20260
A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service DoS condition, or execute arbitrary code on an affected device. This vulnerability exists because memory buffers are allocated...
CVE-2025-20260
A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service DoS condition, or execute arbitrary code on an affected device. This vulnerability exists because memory buffers are allocated...
CVE-2025-20234 ClamAV UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
A vulnerability in Universal Disk Format UDF processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability...
CVE-2025-20234 ClamAV UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
A vulnerability in Universal Disk Format UDF processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability...
clamav -- ClamAV UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Cisco reports: A vulnerability in Universal Disk Format UDF processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit thi...
ABB M2M Gateway Arbitrary Code Execution in embedded ClamAV (CVE-2023-20032)
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code...
CVE-2025-20128
A vulnerability in the Object Linking and Embedding 2 OLE2 decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...
Medium: clamav1.4
Issue Overview: A vulnerability in the Object Linking and Embedding 2 OLE2 decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows...
USN-7229-1: ClamAV vulnerability
It was discovered that ClamAV incorrectly handled decrypting OLE2 content. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...
USN-7229-1 clamav vulnerability
It was discovered that ClamAV incorrectly handled decrypting OLE2 content. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...
Ubuntu 24.04 LTS / 24.10 : ClamAV vulnerability (USN-7229-1)
The remote Ubuntu 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7229-1 advisory. It was discovered that ClamAV incorrectly handled decrypting OLE2 content. A remote attacker could possibly use this issue to cause ClamAV to crash,...
UBUNTU-CVE-2025-20128
A vulnerability in the Object Linking and Embedding 2 OLE2 decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...
CVE-2025-20128
A vulnerability in the Object Linking and Embedding 2 OLE2 decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...
CVE-2025-20128 ClamAV OLE2 File Format Decryption Denial of Service Vulnerability
A vulnerability in the Object Linking and Embedding 2 OLE2 decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...
CVE-2025-20128
A vulnerability in the Object Linking and Embedding 2 OLE2 decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...
CVE-2025-20128 ClamAV OLE2 File Format Decryption Denial of Service Vulnerability
A vulnerability in the Object Linking and Embedding 2 OLE2 decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...
CVE-2025-20128
The vulnerability CVE-2025-20128 affects ClamAV’s OLE2 file decryption. An integer underflow in a bounds check allows a heap buffer overflow read via a crafted OLE2 content file, enabling an unauthenticated remote attacker to cause a DoS by terminating the ClamAV scanning process. Cisco’s advisor...
ClamAV OLE2 File Format Decryption Denial of Service Vulnerability
A vulnerability in the Object Linking and Embedding 2 OLE2 decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...
PT-2025-26181
Name of the Vulnerable Software and Affected Versions ClamAV versions 1.0.9 through 1.4.3 Description A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service DoS condition, or execute...