VYPR
Vendor

Clam AntiVirus

Products
3
CVEs
22
Across products
25
Status
Private

Products

3

Recent CVEs

22
View all 22 CVEs →
  • CVE-2022-20803HigFeb 17, 2023
    risk 0.56cvss 8.6epss 0.01

    A vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.The vulnerability is due to incorrect use of the realloc function that…

  • CVE-2019-1785HigApr 8, 2019
    risk 0.51cvss 7.8epss 0.02

    A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper…

  • CVE-2022-20698HigJan 14, 2022
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to…

  • CVE-2021-1405HigApr 8, 2021
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable…

  • CVE-2021-1404HigApr 8, 2021
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that…

  • CVE-2021-1252HigApr 8, 2021
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error…

  • CVE-2020-3481HigJul 20, 2020
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference.…

  • CVE-2020-3341HigMay 13, 2020
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read.…

  • CVE-2020-3327HigMay 13, 2020
    risk 0.49cvss 7.5epss 0.05

    A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An…

  • CVE-2020-3123HigFeb 5, 2020
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds…

  • CVE-2007-0897HigFeb 16, 2007
    risk 0.49cvss 7.5epss 0.03

    Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a…

  • CVE-2019-1798MedApr 8, 2019
    risk 0.36cvss 5.5epss 0.01

    A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a…

  • CVE-2019-1788MedApr 8, 2019
    risk 0.36cvss 5.5epss 0.02

    A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is…

  • CVE-2019-1787MedApr 8, 2019
    risk 0.36cvss 5.5epss 0.02

    A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is…

  • CVE-2019-1786MedApr 8, 2019
    risk 0.36cvss 5.5epss 0.01

    A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is…

  • CVE-2024-20505MedSep 4, 2024
    risk 0.26cvss 4.0epss 0.01

    A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote…

  • CVE-2004-0270Nov 23, 2004
    risk 0.04cvss epss 0.10

    libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.

  • CVE-2008-5050Nov 13, 2008
    risk 0.01cvss epss 0.08

    Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based…

  • CVE-2006-0162Jan 10, 2006
    risk 0.01cvss epss 0.10

    Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.

  • CVE-2007-2029Apr 30, 2007
    risk 0.00cvss epss 0.03

    File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service via a crafted PDF file.