CVE-2022-20803 |
AVG-2722 |
Unknown |
Yes |
Arbitrary code execution |
possible double-free vulnerability in the OLE2 file parser |
CVE-2022-20796 |
AVG-2722 |
Medium |
Unknown |
Unknown |
possible NULL-pointer dereference crash in the scan verdict cache check |
CVE-2022-20792 |
AVG-2722 |
Unknown |
Yes |
Arbitrary code execution |
possible multi-byte heap buffer overflow write vulnerability in the signature database load module |
CVE-2022-20785 |
AVG-2722 |
High |
Yes |
Denial of service |
possible memory leak in the HTML file parser / Javascript normalizer |
CVE-2022-20771 |
AVG-2722 |
High |
Yes |
Denial of service |
possible infinite loop vulnerability in the TIFF file parser. The issue only occurs if the "--alert-broken-media" ClamScan option is enabled. For ClamD, the... |
CVE-2022-20770 |
AVG-2722 |
High |
Yes |
Denial of service |
possible infinite loop vulnerability in the CHM file parser |
CVE-2021-1405 |
AVG-1787 |
Low |
Yes |
Denial of service |
A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker... |
CVE-2021-1404 |
AVG-1787 |
Low |
Yes |
Denial of service |
A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated,... |
CVE-2021-1252 |
AVG-1787 |
Low |
Yes |
Denial of service |
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated,... |
CVE-2020-7613 |
AVG-1168 |
High |
No |
Arbitrary command execution |
clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located... |
CVE-2020-3123 |
AVG-1168 |
High |
Yes |
Denial of service |
A denial-of-service (DoS) condition may occur when using the optional credit card data-loss-prevention (DLP) feature. Improper bounds checking of an... |
CVE-2018-1000085 |
AVG-602 |
Medium |
Yes |
Denial of service |
A heap-based out-of-bounds read has been found in the xar_hash_check function of the xar decoder of ClamAV before 0.99.4, leading to a denial of service. |
CVE-2018-0202 |
AVG-602 |
Critical |
Yes |
Arbitrary code execution |
A heap overflow has been discovered in ClamAv before 0.99.4 in pdf_parse_string possibly leading to arbitrary code execution by inspecting a specially... |
CVE-2017-12380 |
AVG-601 |
Medium |
Yes |
Denial of service |
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of... |
CVE-2017-12379 |
AVG-601 |
Critical |
Yes |
Arbitrary code execution |
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of... |
CVE-2017-12378 |
AVG-601 |
Medium |
Yes |
Denial of service |
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of... |
CVE-2017-12377 |
AVG-601 |
Critical |
Yes |
Arbitrary code execution |
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of... |
CVE-2017-12376 |
AVG-601 |
Critical |
Yes |
Arbitrary code execution |
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of... |
CVE-2017-12375 |
AVG-601 |
Medium |
Yes |
Denial of service |
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of... |
CVE-2017-12374 |
AVG-601 |
Medium |
Yes |
Denial of service |
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of... |
CVE-2017-11423 |
AVG-602 |
Medium |
Yes |
Denial of service |
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.4 and other products, allows remote attackers to cause... |
CVE-2017-6420 |
AVG-601 |
Medium |
Yes |
Denial of service |
The wwunpack function in libclamav/wwunpack.c in ClamAV before 0.99.3 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE... |
CVE-2017-6419 |
AVG-602 |
Critical |
Yes |
Arbitrary code execution |
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.4, allows remote attackers to cause a denial of service (heap-based buffer overflow and... |
CVE-2017-6418 |
AVG-601 |
Medium |
Yes |
Denial of service |
libclamav/message.c in ClamAV before 0.99.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message. |
CVE-2012-6706 |
AVG-602 |
Critical |
Yes |
Arbitrary code execution |
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products,... |