| Bug | Description |
|---|
| TEMP-0535881-957F77 | clamav scanner bypass with archives |
| TEMP-0000000-DD8D83 | crash during algorithmic detection on crafted PE file |
| TEMP-0000000-DAE756 | clamav: DoS through multiple empty Content-Disposition header lines |
| TEMP-0000000-604AC4 | crashes on crafted upack packed file |
| TEMP-0000000-84AA65 | DoS against clamav through infinite loop in cli_rmdirs |
| CVE-2024-20380 | A vulnerability in the HTML parser of ClamAV could allow an unauthenti ... |
| CVE-2024-20328 | A vulnerability in the VirusEvent feature of ClamAV could allow a loca ... |
| CVE-2024-20290 | A vulnerability in the OLE2 file format parser of ClamAV could allow a ... |
| CVE-2023-20212 | A vulnerability in the AutoIt module of ClamAV could allow an unauthen ... |
| CVE-2023-20197 | A vulnerability in the filesystem image parser for Hierarchical File S ... |
| CVE-2023-20052 | On Feb 15, 2023, the following vulnerability in the ClamAV scanning li ... |
| CVE-2023-20032 | On Feb 15, 2023, the following vulnerability in the ClamAV scanning li ... |
| CVE-2022-20803 | A vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) ver ... |
| CVE-2022-20796 | On May 4, 2022, the following vulnerability in the ClamAV scanning lib ... |
| CVE-2022-20792 | A vulnerability in the regex module used by the signature database loa ... |
| CVE-2022-20785 | On April 20, 2022, the following vulnerability in the ClamAV scanning ... |
| CVE-2022-20771 | On April 20, 2022, the following vulnerability in the ClamAV scanning ... |
| CVE-2022-20770 | On April 20, 2022, the following vulnerability in the ClamAV scanning ... |
| CVE-2022-20698 | A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) ... |
| CVE-2021-1405 | A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) ... |
| CVE-2021-1404 | A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) S ... |
| CVE-2021-1252 | A vulnerability in the Excel XLM macro parsing module in Clam AntiViru ... |
| CVE-2020-3481 | A vulnerability in the EGG archive parsing module in Clam AntiVirus (C ... |
| CVE-2020-3350 | A vulnerability in the endpoint software of Cisco AMP for Endpoints an ... |
| CVE-2020-3341 | A vulnerability in the PDF archive parsing module in Clam AntiVirus (C ... |
| CVE-2020-3327 | A vulnerability in the ARJ archive parsing module in Clam AntiVirus (C ... |
| CVE-2020-3123 | A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiV ... |
| CVE-2019-15961 | A vulnerability in the email parsing module Clam AntiVirus (ClamAV) So ... |
| CVE-2019-12900 | BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bo ... |
| CVE-2019-12625 | ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnera ... |
| CVE-2019-1798 | A vulnerability in the Portable Executable (PE) file scanning function ... |
| CVE-2019-1789 | ClamAV versions prior to 0.101.2 are susceptible to a denial of servic ... |
| CVE-2019-1788 | A vulnerability in the Object Linking & Embedding (OLE2) file scanning ... |
| CVE-2019-1787 | A vulnerability in the Portable Document Format (PDF) scanning functio ... |
| CVE-2019-1786 | A vulnerability in the Portable Document Format (PDF) scanning functio ... |
| CVE-2019-1785 | A vulnerability in the RAR file scanning functionality of Clam AntiVir ... |
| CVE-2018-1000085 | ClamAV version version 0.99.3 contains a Out of bounds heap memory rea ... |
| CVE-2018-15378 | A vulnerability in ClamAV versions prior to 0.100.2 could allow an att ... |
| CVE-2018-0361 | ClamAV before 0.100.1 lacks a PDF object length check, resulting in an ... |
| CVE-2018-0360 | ClamAV before 0.100.1 has an HWP integer overflow with a resultant inf ... |
| CVE-2018-0202 | clamscan in ClamAV before 0.99.4 contains a vulnerability that could a ... |
| CVE-2017-12380 | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerab ... |
| CVE-2017-12379 | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerab ... |
| CVE-2017-12378 | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerab ... |
| CVE-2017-12377 | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerab ... |
| CVE-2017-12376 | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerab ... |
| CVE-2017-12375 | The ClamAV AntiVirus software versions 0.99.2 and prior contain a vuln ... |
| CVE-2017-12374 | The ClamAV AntiVirus software versions 0.99.2 and prior contain a vuln ... |
| CVE-2017-11423 | The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, ... |
| CVE-2017-6420 | The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows ... |
| CVE-2017-6419 | mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows ... |
| CVE-2017-6418 | libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause ... |
| CVE-2016-1405 | libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware ... |
| CVE-2016-1372 | ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to c ... |
| CVE-2016-1371 | ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to c ... |
| CVE-2015-2668 | ClamAV before 0.98.7 allows remote attackers to cause a denial of serv ... |
| CVE-2015-2305 | Integer overflow in the regcomp implementation in the Henry Spencer BS ... |
| CVE-2015-2222 | ClamAV before 0.98.7 allows remote attackers to cause a denial of serv ... |
| CVE-2015-2221 | ClamAV before 0.98.7 allows remote attackers to cause a denial of serv ... |
| CVE-2015-2170 | The upx decoder in ClamAV before 0.98.7 allows remote attackers to cau ... |
| CVE-2015-1463 | ClamAV before 0.98.6 allows remote attackers to cause a denial of serv ... |
| CVE-2015-1462 | ClamAV before 0.98.6 allows remote attackers to have unspecified impac ... |
| CVE-2015-1461 | ClamAV before 0.98.6 allows remote attackers to have unspecified impac ... |
| CVE-2014-9328 | ClamAV before 0.98.6 allows remote attackers to have unspecified impac ... |
| CVE-2014-9050 | Heap-based buffer overflow in the cli_scanpe function in libclamav/pe. ... |
| CVE-2013-7089 | ClamAV before 0.97.7: dbg_printhex possible information leak |
| CVE-2013-7088 | ClamAV before 0.97.7 has buffer overflow in the libclamav component |
| CVE-2013-7087 | ClamAV before 0.97.7 has WWPack corrupt heap memory |
| CVE-2013-6497 | clamscan in ClamAV before 0.98.5, when using -a option, allows remote ... |
| CVE-2013-2021 | pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause ... |
| CVE-2013-2020 | Integer underflow in the cli_scanpe function in pe.c in ClamAV before ... |
| CVE-2012-1459 | The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avir ... |
| CVE-2012-1458 | The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4 ... |
| CVE-2012-1457 | The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2. ... |
| CVE-2012-1419 | The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal ... |
| CVE-2011-3627 | The bytecode engine in ClamAV before 0.97.3 allows remote attackers to ... |
| CVE-2011-2721 | Off-by-one error in the cli_hm_scan function in matcher-hash.c in libc ... |
| CVE-2011-1003 | Double free vulnerability in the vba_read_project_strings function in ... |
| CVE-2010-4479 | Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96. ... |
| CVE-2010-4261 | Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ... |
| CVE-2010-4260 | Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV b ... |
| CVE-2010-3434 | Buffer overflow in the find_stream_bounds function in pdf.c in libclam ... |
| CVE-2010-1640 | Off-by-one error in the parseicon function in libclamav/pe_icons.c in ... |
| CVE-2010-1639 | The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows ... |
| CVE-2010-1311 | The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.9 ... |
| CVE-2010-0405 | Integer overflow in the BZ2_decompress function in decompress.c in bzi ... |
| CVE-2010-0098 | ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z fil ... |
| CVE-2010-0058 | freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update 2009 ... |
| CVE-2009-3736 | ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as us ... |
| CVE-2009-1601 | The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+df ... |
| CVE-2009-1372 | Stack-based buffer overflow in the cli_url_canon function in libclamav ... |
| CVE-2009-1371 | The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95. ... |
| CVE-2009-1270 | libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cau ... |
| CVE-2009-1241 | Unspecified vulnerability in ClamAV before 0.95 allows remote attacker ... |
| CVE-2008-6845 | The unpack feature in ClamAV 0.93.3 and earlier allows remote attacker ... |
| CVE-2008-6680 | libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause ... |
| CVE-2008-5525 | ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is us ... |
| CVE-2008-5314 | Stack consumption vulnerability in libclamav/special.c in ClamAV befor ... |
| CVE-2008-5050 | Off-by-one error in the get_unicode_name function (libclamav/vba_extra ... |
| CVE-2008-3914 | Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknow ... |
| CVE-2008-3913 | Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 mig ... |
| CVE-2008-3912 | libclamav in ClamAV before 0.94 allows attackers to cause a denial of ... |
| CVE-2008-3215 | libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to ... |
| CVE-2008-2713 | libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to ... |
| CVE-2008-1837 | libclamunrar in ClamAV before 0.93 allows remote attackers to cause a ... |
| CVE-2008-1836 | The rfc2231 function in message.c in libclamav in ClamAV before 0.93 a ... |
| CVE-2008-1835 | ClamAV before 0.93 allows remote attackers to bypass the scanning engi ... |
| CVE-2008-1833 | Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allow ... |
| CVE-2008-1389 | libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows r ... |
| CVE-2008-1387 | ClamAV before 0.93 allows remote attackers to cause a denial of servic ... |
| CVE-2008-1100 | Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe. ... |
| CVE-2008-0728 | The unmew11 function in libclamav/mew.c in libclamav in ClamAV before ... |
| CVE-2008-0318 | Integer overflow in the cli_scanpe function in libclamav in ClamAV bef ... |
| CVE-2008-0314 | Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 all ... |
| CVE-2007-6745 | clamav 0.91.2 suffers from a floating point exception when using ScanO ... |
| CVE-2007-6596 | ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows ... |
| CVE-2007-6595 | ClamAV 0.92 allows local users to overwrite arbitrary files via a syml ... |
| CVE-2007-6337 | Unspecified vulnerability in the bzip2 decompression algorithm in nsis ... |
| CVE-2007-6336 | Off-by-one error in ClamAV before 0.92 allows remote attackers to exec ... |
| CVE-2007-6335 | Integer overflow in libclamav in ClamAV before 0.92 allows remote atta ... |
| CVE-2007-4560 | clamav-milter in ClamAV before 0.91.2, when run in black hole mode, al ... |
| CVE-2007-4510 | ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and ... |
| CVE-2007-3725 | The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows u ... |
| CVE-2007-3123 | unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 a ... |
| CVE-2007-3122 | The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 all ... |
| CVE-2007-3025 | Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0 ... |
| CVE-2007-3024 | libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 use ... |
| CVE-2007-3023 | unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not proper ... |
| CVE-2007-2650 | The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to ... |
| CVE-2007-2029 | File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) all ... |
| CVE-2007-1997 | Integer signedness error in the (1) cab_unstore and (2) cab_extract fu ... |
| CVE-2007-1745 | The chm_decompress_stream function in libclamav/chmunpack.c in Clam An ... |
| CVE-2007-0899 | There is a possible heap overflow in libclamav/fsg.c before 0.100.0. |
| CVE-2007-0898 | Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV be ... |
| CVE-2007-0897 | Clam AntiVirus ClamAV before 0.90 does not close open file descriptors ... |
| CVE-2006-6481 | Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a deni ... |
| CVE-2006-6406 | Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus ... |
| CVE-2006-5874 | Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to ca ... |
| CVE-2006-5295 | Unspecified vulnerability in ClamAV before 0.88.5 allows remote attack ... |
| CVE-2006-4182 | Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions befor ... |
| CVE-2006-4018 | Heap-based buffer overflow in the pefromupx function in libclamav/upx. ... |
| CVE-2006-2427 | freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h a ... |
| CVE-2006-1989 | Buffer overflow in the get_database function in the HTTP client in Fre ... |
| CVE-2006-1630 | The cli_bitset_set function in libclamav/others.c in Clam AntiVirus (C ... |
| CVE-2006-1615 | Multiple format string vulnerabilities in the logging code in Clam Ant ... |
| CVE-2006-1614 | Integer overflow in the cli_scanpe function in the PE header parser (l ... |
| CVE-2006-0162 | Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamA ... |
| CVE-2005-3587 | Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before ... |
| CVE-2005-3501 | The cabd_find function in cabd.c of the libmspack library (mspack) for ... |
| CVE-2005-3500 | The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) bef ... |
| CVE-2005-3303 | The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 ... |
| CVE-2005-3239 | The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows re ... |
| CVE-2005-3229 | Multiple interpretation error in unspecified versions of ClamAV Antivi ... |
| CVE-2005-2920 | Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0 ... |
| CVE-2005-2919 | libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote a ... |
| CVE-2005-2450 | Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file f ... |
| CVE-2005-2070 | The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used i ... |
| CVE-2005-2056 | The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.8 ... |
| CVE-2005-1923 | The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, an ... |
| CVE-2005-1922 | The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 all ... |
| CVE-2005-0218 | ClamAV 0.80 and earlier allows remote attackers to bypass virus scanni ... |
| CVE-2005-0133 | ClamAV 0.80 and earlier allows remote attackers to cause a denial of s ... |
| CVE-2004-1909 | Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to ... |
| CVE-2004-1876 | The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon ... |
| CVE-2004-0270 | libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a de ... |
| CVE-2003-0946 | Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 t ... |