Skip to main content

Secure Endpoint

18 CVEs product

Monthly

CVE-2026-20244 HIGH PATCH This Week

Denial of service in ClamAV's DMG file format parser allows a remote, unauthenticated attacker to crash the scanning engine by submitting a crafted Apple Disk Image (DMG) for inspection. The flaw stems from an integer overflow triggered during boundary checks on DMG content and manifests only on 32-bit builds of ClamAV; memory corruption raises the theoretical possibility of expanded impact beyond a crash, though only DoS is described. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.

Buffer Overflow Secure Endpoint Clamav Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-20243 HIGH PATCH This Week

Denial of service in ClamAV's ALZ archive parser allows an unauthenticated, remote attacker to crash the scanning engine by submitting a crafted ALZ file, with the vendor noting possible expanded impact beyond DoS. The flaw is a heap out-of-bounds write triggered during scanning, and because ClamAV is commonly deployed as an automated mail/upload gateway scanner, an attacker only needs to get a malicious file scanned. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Buffer Overflow Secure Endpoint Clamav Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-20217 HIGH PATCH This Week

Availability-impacting out-of-bounds write in ClamAV's PESpin file-format parser lets an unauthenticated remote attacker crash the scanning engine by submitting a crafted PESpin-packed file for scanning. Because ClamAV frequently sits inline on mail gateways, file-upload paths, and proxies, a single malicious sample can terminate the scanning process and produce a denial of service; the memory corruption may permit expanded impact beyond DoS though only crash impact is confirmed. There is no public exploit identified at time of analysis and it is not on CISA KEV, with EPSS not provided.

Buffer Overflow Secure Endpoint Clamav Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-20216 HIGH PATCH This Week

Denial of service in ClamAV's InstallShield file format parser allows a remote, unauthenticated attacker (per CVSS PR:N) to crash the scanning engine and temporarily exhaust system resources by submitting a specially crafted InstallShield file for scanning. The flaw stems from improper handling of temporary resources during file scanning (CWE-770), impacting availability only (C:N/I:N/A:H) with no code execution or data exposure. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the network attack vector and low complexity make it easy to trigger anywhere ClamAV automatically scans attacker-supplied files.

Denial Of Service Secure Endpoint Clamav Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-20215 HIGH PATCH This Week

Denial of service in ClamAV's 7z archive scanner allows a remote, unauthenticated attacker to crash the scanning process by submitting a crafted 7z file, resulting in an out-of-bounds heap write (CWE-120). Because ClamAV is commonly deployed inline on mail gateways and upload-scanning pipelines, a single malicious attachment can be delivered without any interaction or credentials. No public exploit identified at time of analysis and the flaw is not listed in CISA KEV, though Cisco (ClamAV's maintainer) rates confidentiality/integrity impact as none and availability as high.

Buffer Overflow Secure Endpoint Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-20214 HIGH PATCH This Week

Denial of service in ClamAV's FSG file format parser allows an unauthenticated remote attacker to crash the scanning engine, and potentially achieve broader memory-corruption impact, by submitting a crafted FSG-compressed portable executable to be scanned. The flaw stems from an out-of-bounds buffer write during FSG decompression, affecting any deployment that scans attacker-supplied files. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, though the network-reachable, no-authentication, no-interaction nature (CVSS 7.5) makes it a meaningful availability risk for mail/file-scanning gateways.

Buffer Overflow Secure Endpoint Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2026-20213 HIGH PATCH This Week

Denial of service in ClamAV's PE (Portable Executable) file format parser lets an unauthenticated, remote attacker crash the scanning engine by submitting a crafted PE file for scanning, triggering an out-of-bounds buffer write (CWE-120). Reported by Cisco PSIRT (ClamAV's maintainer), the flaw carries CVSS 7.5 with an availability-only impact; the advisory notes memory corruption could 'possibly' enable expanded impacts beyond DoS. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Buffer Overflow Secure Endpoint Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-20234 MEDIUM PATCH This Month

A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the .

Buffer Overflow Information Disclosure Denial Of Service Ubuntu Debian +4
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-20128 MEDIUM PATCH This Month

A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Cisco Buffer Overflow Denial Of Service Clamav +3
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2023-20084 MEDIUM This Month

A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. Rated medium severity (CVSS 4.4). No vendor patch available.

Cisco Information Disclosure Microsoft Secure Endpoint Secure Endpoint Private Cloud
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-20212 HIGH This Week

A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Secure Endpoint Secure Endpoint Private Cloud
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2023-20197 HIGH This Week

A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Secure Endpoint Secure Endpoint Private Cloud Fedora
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-20052 MEDIUM This Month

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Secure Endpoint Secure Endpoint Private Cloud Clamav Stormshield Network Security
NVD
CVSS 3.1
5.3
EPSS
7.0%
CVE-2023-20032 CRITICAL Act Now

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Secure Endpoint Secure Endpoint Private Cloud +3
NVD
CVSS 3.1
9.8
EPSS
29.3%
CVE-2022-20796 MEDIUM This Month

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Clamav Secure Endpoint Fedora Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-20785 HIGH This Week

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Clamav Secure Endpoint Fedora Debian Linux
NVD
CVSS 3.1
7.5
EPSS
6.6%
CVE-2022-20771 HIGH This Week

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Clamav Secure Endpoint Fedora Debian Linux
NVD
CVSS 3.1
7.5
EPSS
5.5%
CVE-2022-20770 HIGH This Week

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Clamav Secure Endpoint Fedora Debian Linux
NVD
CVSS 3.1
7.5
EPSS
6.6%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in ClamAV's DMG file format parser allows a remote, unauthenticated attacker to crash the scanning engine by submitting a crafted Apple Disk Image (DMG) for inspection. The flaw stems from an integer overflow triggered during boundary checks on DMG content and manifests only on 32-bit builds of ClamAV; memory corruption raises the theoretical possibility of expanded impact beyond a crash, though only DoS is described. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.

Buffer Overflow Secure Endpoint Clamav +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in ClamAV's ALZ archive parser allows an unauthenticated, remote attacker to crash the scanning engine by submitting a crafted ALZ file, with the vendor noting possible expanded impact beyond DoS. The flaw is a heap out-of-bounds write triggered during scanning, and because ClamAV is commonly deployed as an automated mail/upload gateway scanner, an attacker only needs to get a malicious file scanned. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Buffer Overflow Secure Endpoint Clamav +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Availability-impacting out-of-bounds write in ClamAV's PESpin file-format parser lets an unauthenticated remote attacker crash the scanning engine by submitting a crafted PESpin-packed file for scanning. Because ClamAV frequently sits inline on mail gateways, file-upload paths, and proxies, a single malicious sample can terminate the scanning process and produce a denial of service; the memory corruption may permit expanded impact beyond DoS though only crash impact is confirmed. There is no public exploit identified at time of analysis and it is not on CISA KEV, with EPSS not provided.

Buffer Overflow Secure Endpoint Clamav +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in ClamAV's InstallShield file format parser allows a remote, unauthenticated attacker (per CVSS PR:N) to crash the scanning engine and temporarily exhaust system resources by submitting a specially crafted InstallShield file for scanning. The flaw stems from improper handling of temporary resources during file scanning (CWE-770), impacting availability only (C:N/I:N/A:H) with no code execution or data exposure. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the network attack vector and low complexity make it easy to trigger anywhere ClamAV automatically scans attacker-supplied files.

Denial Of Service Secure Endpoint Clamav +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in ClamAV's 7z archive scanner allows a remote, unauthenticated attacker to crash the scanning process by submitting a crafted 7z file, resulting in an out-of-bounds heap write (CWE-120). Because ClamAV is commonly deployed inline on mail gateways and upload-scanning pipelines, a single malicious attachment can be delivered without any interaction or credentials. No public exploit identified at time of analysis and the flaw is not listed in CISA KEV, though Cisco (ClamAV's maintainer) rates confidentiality/integrity impact as none and availability as high.

Buffer Overflow Secure Endpoint Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in ClamAV's FSG file format parser allows an unauthenticated remote attacker to crash the scanning engine, and potentially achieve broader memory-corruption impact, by submitting a crafted FSG-compressed portable executable to be scanned. The flaw stems from an out-of-bounds buffer write during FSG decompression, affecting any deployment that scans attacker-supplied files. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, though the network-reachable, no-authentication, no-interaction nature (CVSS 7.5) makes it a meaningful availability risk for mail/file-scanning gateways.

Buffer Overflow Secure Endpoint Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in ClamAV's PE (Portable Executable) file format parser lets an unauthenticated, remote attacker crash the scanning engine by submitting a crafted PE file for scanning, triggering an out-of-bounds buffer write (CWE-120). Reported by Cisco PSIRT (ClamAV's maintainer), the flaw carries CVSS 7.5 with an availability-only impact; the advisory notes memory corruption could 'possibly' enable expanded impacts beyond DoS. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Buffer Overflow Secure Endpoint Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the .

Buffer Overflow Information Disclosure Denial Of Service +6
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Cisco Buffer Overflow +5
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. Rated medium severity (CVSS 4.4). No vendor patch available.

Cisco Information Disclosure Microsoft +2
NVD
EPSS 3% CVSS 7.5
HIGH This Week

A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Secure Endpoint Secure Endpoint Private Cloud
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Secure Endpoint Secure Endpoint Private Cloud +1
NVD
EPSS 7% CVSS 5.3
MEDIUM This Month

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Secure Endpoint Secure Endpoint Private Cloud +2
NVD
EPSS 29% CVSS 9.8
CRITICAL Act Now

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service +5
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Clamav Secure Endpoint +2
NVD
EPSS 7% CVSS 7.5
HIGH This Week

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Clamav Secure Endpoint +2
NVD
EPSS 5% CVSS 7.5
HIGH This Week

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Clamav Secure Endpoint +2
NVD
EPSS 7% CVSS 7.5
HIGH This Week

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Clamav Secure Endpoint +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy