Search CVE reports


Toggle filters

1 – 10 of 179 results


CVE-2026-20244

Medium priority
Needs evaluation

Fixed 32-bit DMG parser size checks that could let a short mish stripe table pass validation and crash 32-bit scanner builds.

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-20243

Medium priority
Needs evaluation

Fixed ALZ parser size handling bugs that could cause malformed ALZ archives to panic, abort the scanner, or skip expected scan-limit handling.

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-20217

Medium priority
Needs evaluation

Fixed a bug in the PESpin unpacker cleanup path that could free pointers into the scanned file buffer and crash the scanner.

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-20216

Medium priority
Needs evaluation

Fixed an InstallShield archive extraction limit bypass that could write far more temporary data than intended and exhaust temporary storage.

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-20215

Medium priority
Needs evaluation

Fixed a 7z parser substream count overflow that could under-allocate parser metadata arrays and write past them while reading a malformed archive.

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-20214

Medium priority
Needs evaluation

Fixed an FSG unpacker loop underflow that could write past the section array while scanning a malformed PE file.

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-20213

Medium priority
Needs evaluation

Fixed an integer overflow in PE rebuild size calculations that could be reached through a malformed Aspack-packed PE file and lead to a heap buffer overflow write.

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-42250

Low priority
Needs evaluation

bzip2 contains an off‑by‑one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out‑of‑bounds write to a global buffer, resulting in memory corruption and a crash (denial of...

2 affected packages

bzip2, clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
bzip2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
clamav Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2026-20031

Medium priority

Some fixes available 4 of 8

A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper...

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2020-37167

Medium priority
Fixed

ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input...

1 affected package

clamav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
clamav Not affected Not affected Fixed Fixed
Show less packages