Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
clamav clamav vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-6418
libclamav/message.c in ClamAV 0.99.2 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
Clamav Clamav 0.99.2
5.5
CVSSv3
CVE-2017-6420
The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote malicious users to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
Clamav Clamav 0.99.2
NA
CVE-2010-1640
Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote malicious users to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling.
Clamav Clamav 0.96
NA
CVE-2005-1922
The MS-Expand file handling in Clam AntiVirus (ClamAV) prior to 0.86 allows remote malicious users to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.
Clam Anti-virus Clamav 0.85
Clam Anti-virus Clamav 0.85.1
Clam Anti-virus Clamav 0.81
Clam Anti-virus Clamav 0.82
Clam Anti-virus Clamav 0.84 Rc1
Clam Anti-virus Clamav 0.83
Clam Anti-virus Clamav 0.84 Rc2
NA
CVE-2007-1997
Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in Clam AntiVirus (ClamAV) prior to 0.90.2 allow remote malicious users to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed compar...
Clam Anti-virus Clamav 0.90 Rc2
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90
Clam Anti-virus Clamav 0.90.1
NA
CVE-2007-3024
libclamav/others.c in ClamAV prior to 0.90.3 and 0.91 prior to 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90
Clam Anti-virus Clamav 0.90.1
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc2
NA
CVE-2007-3122
The parsing engine in ClamAV prior to 0.90.3 and 0.91 prior to 0.91rc1 allows remote malicious users to bypass scanning via a RAR file with a header flag value of 10, which can be processed by WinRAR.
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90 Rc2
Clam Anti-virus Clamav 0.90.1
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90
NA
CVE-2007-3123
unrar.c in libclamav in ClamAV prior to 0.90.3 and 0.91 prior to 0.91rc1 allows remote malicious users to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow.
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90 Rc2
Clam Anti-virus Clamav 0.90
Clam Anti-virus Clamav 0.90.1
NA
CVE-2005-1800
Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote malicious users to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php.
Clam Anti-virus Clamav 0.81
Clam Anti-virus Clamav 0.82
Clam Anti-virus Clamav 0.83
Clam Anti-virus Clamav 0.84 Rc2
Clam Anti-virus Clamav 0.84 Rc1
1 EDB exploit
NA
CVE-2005-1923
The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote malicious users to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes ...
Clam Anti-virus Clamav 0.83
Clam Anti-virus Clamav 0.84 Rc2
Clam Anti-virus Clamav 0.85.1
Clam Anti-virus Clamav 0.84 Rc1
Clam Anti-virus Clamav 0.85
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »