Clamav Security Vulnerabilities (CVEs)
Track 9 security vulnerabilities affecting Clamav products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A critical buffer overflow vulnerability in ClamAV's PDF scanning allows remote attackers to crash the antivirus service or potentially execute arbitr...
Jun 18, 2025A memory overread vulnerability in ClamAV's Universal Disk Format (UDF) processing allows unauthenticated remote attackers to cause denial of service ...
Jun 18, 2025An out-of-bounds read vulnerability in ClamAV's PDF parsing module allows remote attackers to cause denial of service by submitting crafted PDF files....
Sep 4, 2024A vulnerability in ClamAV's HTML parser allows remote attackers to cause denial of service by submitting crafted HTML files. This affects systems runn...
Apr 18, 2024A heap buffer overflow vulnerability in ClamAV's HFS+ partition file parser allows remote unauthenticated attackers to execute arbitrary code or cause...
Mar 1, 2023A vulnerability in the CHM file parser of ClamAV allows an unauthenticated remote attacker to cause a denial of service condition on affected devices....
May 4, 2022This vulnerability in ClamAV's OOXML parsing module allows remote attackers to crash the antivirus scanning process by sending specially crafted OOXML...
Jan 14, 2022This vulnerability in ClamAV's email parsing module allows an unauthenticated remote attacker to cause a denial of service by sending a crafted email,...
Apr 8, 2021This vulnerability in ClamAV's Excel macro parser allows remote attackers to cause denial of service by sending specially crafted Excel files. When ex...
Apr 8, 2021Why Monitor Clamav Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 9+ known vulnerabilities affecting Clamav products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Clamav packages in under 60 seconds. No agents required - completely agentless scanning that works across Clamav deployments.
Free vulnerability database: Access detailed information about every Clamav CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Clamav CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
