FPDI 资源管理错误漏洞

FPDI is an open-source PDF reading software developed by Setasign GmbH & Co. KG. Versions of FPDI prior to 2.6.7 contained a resource management vulnerability. This vulnerability allowed attackers to upload malicious PDF files, causing server-side scripts to crash due to memory exhaustion or scri...

ai.telosforge:kimaira-starter-etl (>=1.2.4 <=1.2.6), cn.echoparrot:echoparrot-application (=25.4.0) +12 more potentially affected by CVE-2026-40980 via org.springframework.ai:spring-ai-pdf-document-reader (>=1.1.0 <=1.1.2)

org.springframework.ai:spring-ai-pdf-document-reader MAVEN version =1.1.0, =1.2.4, =25.4.0, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =.30.0.rc1, =.30.0.rc1, =.30.0.rc1, =3.30.0.rc16 Source cves: CVE-2026-40980 Source advisory: OSV:GHSA-26GG-9GV2-V27J...

com.alibaba.cloud.ai:document-parser-apache-pdfbox (>=1.0.0-M5.1 <=1.0.0-M6.1), com.alibaba.cloud.ai:document-parser-bibtex (>=1.0.0-M5.1 <=1.0.0-M6.1) +19 more potentially affected by CVE-2026-40980 via org.springframework.ai:spring-ai-pdf-document-reader (>=1.0.0-M5 <=1.0.1)

org.springframework.ai:spring-ai-pdf-document-reader MAVEN version =1.0.0-M5, =1.0.0-M5.1, =1.0.0-M5.1, =1.0.0.1, =1.0.0.1, =1.0.0.1, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.6 - com.chinagoods.framework.thinkc...

PT-2026-29532

An arbitrary file overwrite vulnerability in Docudepot PDF Reader: PDF Viewer APP v1.0.34 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

Ora Tools PDF Reader 安全漏洞

Ora Tools PDF Reader is a document reading tool developed by Ora Tools Corporation in China. It supports browsing and basic processing of PDF files. There is a security vulnerability in the APPv4.3.5 version of Ora Tools PDF Reader. This vulnerability stems from the possibility of arbitrary file...

CVE-2022-37379

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2025-65815

A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0 allows attackers to execute a directory traversal...

EUVD-2025-202433

A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0 allows attackers to execute a directory traversal...

CVE-2025-65815

A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0 allows attackers to execute a directory traversal...

CVE-2025-65815

A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0 allows attackers to execute a directory traversal...

AB Document Reader: PDF, DOC, PPT 安全漏洞

AB Document Reader: PDF, DOC, PPT is a document reader from AB. A security vulnerability exists in AB Document Reader: PDF, DOC, PPT version 65.0, which stems from a lack of security checks during the file import process and can lead to directory traversal...

CVE-2025-65815

A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0 allows attackers to execute a directory traversal...

CVE-2025-65815

A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0 allows attackers to execute a directory traversal...

PT-2025-50351

Name of the Vulnerable Software and Affected Versions AB TECHNOLOGY Document Reader: PDF, DOC, PPT version 65.0 Description A security flaw exists in the file import process of the software, potentially allowing attackers to execute a directory traversal. This occurs due to missing security check...

CVE-2025-65815

CVE-2025-65815 affects AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0. The vulnerability arises from a lack of security checks in the file import process, enabling directory traversal. Impact is limited to potential disclosure or manipulation via crafted imports as described; exploitation sta...

EUVD-2025-35625

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

EUVD-2022-50934

Malicious code in bioql PyPI...

EUVD-2023-55069

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-37819

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite loop via the component /text/pdf/PdfReader.java. CVE-2021-37819 Note that Nessus relies on the...

CVE-2023-50254

Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...