clamav

possible double-free vulnerability in the OLE2 file parser

possible NULL-pointer dereference crash in the scan verdict cache check

possible multi-byte heap buffer overflow write vulnerability in the signature database load module

possible memory leak in the HTML file parser / Javascript normalizer

possible infinite loop vulnerability in the TIFF file parser. The issue only occurs if the "--alert-broken-media" ClamScan option is enabled. For ClamD, the...

possible infinite loop vulnerability in the CHM file parser

A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker...

A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated,...

A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated,...

clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located...

A denial-of-service (DoS) condition may occur when using the optional credit card data-loss-prevention (DLP) feature. Improper bounds checking of an...

A heap-based out-of-bounds read has been found in the xar_hash_check function of the xar decoder of ClamAV before 0.99.4, leading to a denial of service.

A heap overflow has been discovered in ClamAv before 0.99.4 in pdf_parse_string possibly leading to arbitrary code execution by inspecting a specially...

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...

The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.4  and other products, allows remote attackers to cause...

The wwunpack function in libclamav/wwunpack.c in ClamAV before 0.99.3 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE...

mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.4, allows remote attackers to cause a denial of service (heap-based buffer overflow and...

libclamav/message.c in ClamAV before 0.99.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.

A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products,...