CRITICAL9.8CVE-2025-20260A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow conditio… from 0, < 1.0.9+dfsg-1~deb11u1
from 0, < 0.103.8+dfsg-0+deb11u1
CRITICAL9.8clamav - security update
from 0, < 0.103.8+dfsg-0+deb10u1
CRITICAL9.8ClamAV before 0.97.7 has buffer overflow in the libclamav component
from 0, < 0.97.7+dfsg-1
CRITICAL9.8ClamAV before 0.97.7 has WWPack corrupt heap memory
from 0, < 0.97.7+dfsg-1
CRITICAL9.8clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.
from 0, < 0.91.2-1~volatile1
CRITICAL9.8There is a possible heap overflow in libclamav/fsg.c before 0.100.0.
from 0, < 0.90-1
CRITICAL9.8ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a…
from 0, < 0.99.3~beta2+dfsg-1
CRITICAL9.8ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a…
from 0, < 0.99.3~beta2+dfsg-1
HIGH7.8A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2…
from 0, < 0.103.6+dfsg-0+deb11u1
HIGH7.8A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unau…
from 0, < 0.101.2+dfsg-1
HIGH7.8ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a…
from 0, < 0.99.3~beta2+dfsg-1
HIGH7.8mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer over…
from 0, < 0.99.3~beta1+dfsg-1
HIGH7.5A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of se…
from 0, < 1.4.3+dfsg-1
HIGH7.5clamav - security update
from 0, < 1.0.9+dfsg-1~deb11u1
HIGH7.5clamav - security update
from 0, < 1.0.9+dfsg-1~deb11u1
HIGH7.5clamav - security update
from 0, < 1.0.7+dfsg-1~deb11u1
HIGH7.5clamav - security update
from 0, < 1.0.7+dfsg-1~deb11u1
HIGH7.5A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS)…
from 0, < 1.0.5+dfsg-1~deb12u1
HIGH7.5A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition…
from 0, < 1.0.2+dfsg-1~deb12u1
HIGH7.5clamav - security update
from 0, < 0.103.9+dfsg-0+deb11u1
HIGH7.5clamav - security update
from 0, < 0.103.9+dfsg-0+deb10u1
HIGH7.5On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disc…
from 0, < 0.103.6+dfsg-0+deb11u1
HIGH7.5On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disc…
from 0, < 0.103.6+dfsg-0+deb11u1
HIGH7.5clamav - security update
from 0, < 0.103.6+dfsg-0+deb11u1
HIGH7.5clamav - security update
from 0, < 0.103.6+dfsg-0+deb9u1
HIGH7.5A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions…
from 0, < 0.103.5+dfsg-0+deb11u1
HIGH7.5clamav - security update
from 0, < 0.102.4+dfsg-0+deb9u2
HIGH7.5clamav - security update
from 0, < 0.103.2+dfsg-1
HIGH7.5A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated,…
from 0, < 0.103.2+dfsg-1
HIGH7.5A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unaut…
from 0, < 0.103.2+dfsg-1
HIGH7.5A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthentic…
from 0, < 0.102.4+dfsg-1
HIGH7.5A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticat…
from 0, < 0.102.3+dfsg-1
HIGH7.5clamav - security update
from 0, < 0.102.4+dfsg-1
HIGH7.5clamav - security update
from 0, < 0.102.4+dfsg-0+deb9u1
HIGH7.5clamav - security update
from 0, < 0.101.5+dfsg-0+deb8u2
HIGH7.5A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an un…
from 0, < 0.102.2+dfsg-1
HIGH7.5ClamAV before 0.97.7: dbg_printhex possible information leak
from 0, < 0.97.7+dfsg-1
HIGH7.5ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability.
from 0, < 0.101.2+dfsg-1
HIGH7.5clamav - security update
from 0, < 0.101.4+dfsg-0+deb8u1
HIGH7.5clamav - security update
from 0, < 0.101.4+dfsg-1
HIGH7.5ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a…
from 0, < 0.99.3~beta2+dfsg-1
HIGH7.5The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cau…
from 0, < 0.99.3~beta2+dfsg-1
HIGH7.5clamav - security update
from 0, < 0.99.2+dfsg-0+deb7u4
HIGH7.5clamav - security update
from 0, < 0.99.3~beta2+dfsg-1
HIGH7.5libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices befo…
from 0, < 0.99+dfsg-1
HIGH7.5clamav
from 0, < 0.84-2.sarge.15
HIGH7.5clamav
from 0, < 0.90-1
MEDIUM6.5clamav - security update
from 0, < 0.102.1+dfsg-1
MEDIUM6.5clamav - security update
from 0, < 0.101.5+dfsg-0+deb8u1
MEDIUM6.3A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to caus…
from 0, < 0.102.4+dfsg-1
MEDIUM6.1A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6…
from 0, < 1.0.7+dfsg-1~deb11u1
MEDIUM5.5On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclos…
from 0, < 0.103.6+dfsg-0+deb11u1
MEDIUM5.5A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior…
from 0, < 0.101.2+dfsg-1
MEDIUM5.5A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 a…
from 0, < 0.101.2+dfsg-1
MEDIUM5.5clamav - security update
from 0, < 0.101.2+dfsg-1
MEDIUM5.5clamav - security update
from 0, < 0.100.3+dfsg-0+deb8u1
MEDIUM5.5A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101…
from 0, < 0.101.2+dfsg-1
MEDIUM5.5clamav - security update
from 0, < 0.100.2+dfsg-1
MEDIUM5.5clamav - security update
from 0, < 0.100.2+dfsg-0+deb8u1
MEDIUM5.5clamav - security update
from 0, < 0.100.1+dfsg-1
MEDIUM5.5clamav - security update
from 0, < 0.100.1+dfsg-0+deb8u1
MEDIUM5.5clamav - security update
from 0, < 0.100.0~beta+dfsg-2
MEDIUM5.5clamav - security update
from 0, < 0.99.4+dfsg-1+deb7u1
MEDIUM5.5ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can res…
from 0, < 0.99.3~beta1+dfsg-1
MEDIUM5.5ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a…
from 0, < 0.99.3~beta2+dfsg-1
MEDIUM5.5The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a…
from 0, < 0.99.3~beta1+dfsg-1
MEDIUM5.5clamav - security update
from 0, < 0.99.2+dfsg-0+deb7u3
MEDIUM5.5clamav - security update
from 0, < 0.99.3~beta1+dfsg-1
MEDIUM5.5libmspack - security update
from 0, < 0.99.2+dfsg-0+deb7u5
MEDIUM5.5libmspack - security update
from 0, < 0.99.3~beta1+dfsg-1
MEDIUM5.5ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.
from 0, < 0.99.2+dfsg-1
MEDIUM5.5clamav - security update
from 0, < 0.99.2+dfsg-1
MEDIUM5.5clamav - security update
from 0, < 0.99.2+dfsg-0+deb7u2
MEDIUM5.3A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial…
from 0
MEDIUM5.3A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary commands with the privileges of the ap…
from 0, < 1.0.5+dfsg-1~deb12u1
MEDIUM5.3On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV…
from 0, < 0.103.8+dfsg-0+deb11u1
MEDIUM4.0out-of-bounds write when there are many bzip2 selectors
from 0, < 0.101.4+dfsg-1
LOW3.3ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.
from 0, < 0.100.1+dfsg-1
—ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows…
from 0, < 0.103.0+dfsg-1
—ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.
from 0, < 0.98.7+dfsg-1
—ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.
from 0, < 0.98.7+dfsg-1
—ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.
from 0, < 0.98.7+dfsg-1
—The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
from 0, < 0.98.7+dfsg-1
—php5 - security update
from 0, < 0.98.7+dfsg-1
—ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrec…
from 0, < 0.98.6+dfsg-1
—ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds con…
from 0, < 0.98.6+dfsg-1
—ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to…
from 0, < 0.98.6+dfsg-1
—clamav - security update
from 0, < 0.98.6+dfsg-1
—clamav - security update
from 0, < 0.98.7+dfsg-0+deb6u1
—Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial o…
from 0, < 0.98.5+dfsg-1
—clamav - security update
from 0, < 0.98.5+dfsg-1
—clamav - security update
from 0, < 0.98.1+dfsg-1+deb6u4
—pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value…
from 0, < 0.97.8+dfsg-1
—Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) v…
from 0, < 0.97.8+dfsg-1
—The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.…
from 0, < 0.97.5+dfsg-1
—The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a craft…
from 0, < 0.97.5+dfsg-1
—The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0…
from 0, < 0.97.5+dfsg-1
—The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POS…
from 0, < 0.97.5+dfsg-1
—The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion…
from 0, < 0.97.3+dfsg-1