Search CVE reports


Toggle filters

1 – 10 of 179 results


CVE-2026-20244

Medium priority

Some fixes available 3 of 8

A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This...

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2026-20243

Medium priority

Some fixes available 3 of 8

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This...

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2026-20217

Medium priority

Some fixes available 3 of 8

A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This...

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2026-20216

Medium priority

Some fixes available 3 of 8

A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary...

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2026-20215

Medium priority

Some fixes available 3 of 8

A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This...

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2026-20214

Medium priority

Some fixes available 3 of 8

A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This...

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2026-20213

Medium priority

Some fixes available 3 of 8

A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This...

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2026-42250

Low priority
Needs evaluation

bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds write to a global buffer, resulting in memory corruption and a crash (denial of...

2 affected packages

bzip2, clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
bzip2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
clamav Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2026-20031

Medium priority

Some fixes available 4 of 8

A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper...

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2020-37167

Medium priority
Fixed

ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input...

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Not affected Not affected Fixed Fixed
Show less packages