IDCVSSSummaryLast (major) updatePublished
CVE-2016-1405 5.0
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remot
28-11-2016 - 19:58 08-06-2016 - 14:59
CVE-2018-0360 4.3
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.
26-04-2019 - 16:41 16-07-2018 - 17:29
CVE-2018-0202 4.3
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanis
26-03-2019 - 16:02 27-03-2018 - 09:29
CVE-2008-0728 10.0
The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption."
08-08-2017 - 01:29 12-02-2008 - 20:00
CVE-2018-0361 4.3
ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.
26-04-2019 - 16:41 16-07-2018 - 17:29
CVE-2007-0899 7.5
There is a possible heap overflow in libclamav/fsg.c before 0.100.0.
18-08-2020 - 15:05 06-11-2019 - 04:15
CVE-2011-1003 6.8
Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office d
17-08-2017 - 01:33 23-02-2011 - 19:00
CVE-2009-1241 7.5
Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive.
10-11-2020 - 18:34 03-04-2009 - 18:30
CVE-2006-1615 10.0
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidenc
20-07-2017 - 01:30 06-04-2006 - 22:04
CVE-2005-3501 4.3
The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero le
14-07-2011 - 04:00 05-11-2005 - 11:02
CVE-2015-1461 7.5
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."
07-12-2016 - 18:09 03-02-2015 - 16:59
CVE-2009-1371 5.0
The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding.
16-09-2009 - 05:30 23-04-2009 - 15:30
CVE-2007-2650 4.3
The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demons
09-11-2020 - 02:56 14-05-2007 - 21:19
CVE-2017-12376 9.3
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerabili
16-03-2018 - 01:29 26-01-2018 - 20:29
CVE-2017-12378 7.1
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation
03-10-2019 - 00:03 26-01-2018 - 20:29
CVE-2016-1372 4.3
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.
04-10-2016 - 14:50 03-10-2016 - 18:59
CVE-2017-12377 10.0
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerabili
03-10-2019 - 00:03 26-01-2018 - 20:29
CVE-2015-2668 5.0
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.
03-01-2017 - 02:59 12-05-2015 - 19:59
CVE-2016-1371 4.3
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable.
04-10-2016 - 15:20 03-10-2016 - 18:59
CVE-2017-12374 7.8
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input valid
16-03-2018 - 01:29 26-01-2018 - 20:29
CVE-2015-2222 5.0
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.
03-01-2017 - 02:59 12-05-2015 - 19:59
CVE-2017-12379 10.0
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerabili
16-03-2018 - 01:29 26-01-2018 - 20:29
CVE-2010-1639 4.3
The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length.
17-08-2017 - 01:32 26-05-2010 - 18:30
CVE-2015-1462 7.5
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
07-12-2016 - 18:09 03-02-2015 - 16:59
CVE-2015-2221 5.0
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.
03-01-2017 - 02:59 12-05-2015 - 19:59
CVE-2017-12375 7.8
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input valid
16-03-2018 - 01:29 26-01-2018 - 20:29
CVE-2015-1463 5.0
ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."
07-12-2016 - 18:09 03-02-2015 - 16:59
CVE-2017-12380 7.8
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation
16-03-2018 - 01:29 26-01-2018 - 20:29
CVE-2015-2170 5.0
The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
03-01-2017 - 02:59 12-05-2015 - 19:59
CVE-2011-2721 5.0
Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculation
29-08-2017 - 01:29 05-08-2011 - 21:55
CVE-2013-2020 5.0
Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-
28-09-2015 - 16:31 13-05-2013 - 23:55
CVE-2010-3434 9.3
Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of th
24-03-2011 - 02:52 30-09-2010 - 15:00
CVE-2011-3627 4.3
The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c.
12-03-2012 - 04:00 17-11-2011 - 19:55
CVE-2008-6680 5.0
libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.
17-08-2017 - 01:29 08-04-2009 - 16:30
CVE-2010-4260 5.0
Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #
24-03-2011 - 02:54 07-12-2010 - 13:53
CVE-2010-4261 7.5
Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NO
24-03-2011 - 02:54 07-12-2010 - 13:53
CVE-2008-6845 5.0
The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file.
11-10-2018 - 20:57 02-07-2009 - 10:30
CVE-2010-4479 7.5
Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability
24-03-2011 - 02:54 07-12-2010 - 13:53
CVE-2008-3912 5.0
libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition.
09-11-2020 - 03:20 11-09-2008 - 01:13
CVE-2008-3913 5.0
Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".
10-11-2020 - 18:34 11-09-2008 - 01:13
CVE-2008-3914 10.0
Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.
05-11-2020 - 16:05 11-09-2008 - 01:13
CVE-2013-7088 7.5
ClamAV before 0.97.7 has buffer overflow in the libclamav component
20-11-2019 - 15:13 15-11-2019 - 15:15
CVE-2014-9050 5.0
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
30-04-2015 - 02:01 01-12-2014 - 15:59
CVE-2018-15378 4.3
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be
09-10-2019 - 23:35 15-10-2018 - 17:29
CVE-2013-7089 5.0
ClamAV before 0.97.7: dbg_printhex possible information leak
20-11-2019 - 15:09 15-11-2019 - 15:15
CVE-2014-9328 7.5
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."
03-01-2017 - 02:59 03-02-2015 - 16:59
CVE-2013-6497 2.1
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.
29-08-2017 - 01:33 01-12-2014 - 15:59
CVE-2019-15961 7.1
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to
19-03-2020 - 23:15 15-01-2020 - 19:15
CVE-2019-1789 5.0
ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result
07-11-2019 - 15:55 05-11-2019 - 19:15
CVE-2019-12625 5.0
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.
01-12-2019 - 01:15 05-11-2019 - 19:15
CVE-2013-7087 7.5
ClamAV before 0.97.7 has WWPack corrupt heap memory
20-11-2019 - 15:17 15-11-2019 - 15:15
CVE-2019-1798 4.3
A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. T
11-04-2019 - 03:29 08-04-2019 - 20:29
CVE-2019-1788 4.3
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected
16-10-2020 - 19:22 08-04-2019 - 20:29
CVE-2019-1787 4.3
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected de
09-10-2019 - 23:48 08-04-2019 - 19:29
CVE-2021-27506 4.3
The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This iss
12-04-2021 - 16:15 19-03-2021 - 15:15
CVE-2021-1405 5.0
A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is
01-05-2021 - 02:15 08-04-2021 - 05:15
Back to Top Mark selected
Back to Top