com.alibaba.cloud.ai:document-parser-apache-pdfbox (>=1.0.0-M5.1 <=1.0.0-M6.1), com.alibaba.cloud.ai:document-parser-bibtex (>=1.0.0-M5.1 <=1.0.0-M6.1) +19 more potentially affected by CVE-2026-40980 via org.springframework.ai:spring-ai-pdf-document-reader (>=1.0.0-M5 <=1.0.1)

org.springframework.ai:spring-ai-pdf-document-reader MAVEN version =1.0.0-M5, =1.0.0-M5.1, =1.0.0-M5.1, =1.0.0.1, =1.0.0.1, =1.0.0.1, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.3, =4.2.6 - com.chinagoods.framework.thinkc...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the xlnt::detail::binarywriter::append function in the Compound Document Parser process. An attacker can cause a heap-based buffer overflow by providing specially crafted input to this function during loca...

CVE-2026-3463

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

EUVD-2026-9285

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

CVE-2026-3463 xlnt-community xlnt Compound Document binary.hpp append heap-based overflow

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

xlnt 安全漏洞

xlnt is an open-source C++ language library developed by the xlnt-community. Versions of xlnt 1.6.1 and earlier contain security vulnerabilities. These vulnerabilities stem from a buffer overflow vulnerability in the function xlnt::detail::binarywriter::append located in the...

PT-2026-22730

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binary writer::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

CVE-2025-66516 Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected

Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and tika-parsers 1.13-1.28.5 modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. This CVE covers the same vulnerability as in CVE-2025-54988...

PT-2025-44158

Name of the Vulnerable Software and Affected Versions GCC Productions Inc. Fade In version 4.2.0 Description An out-of-bounds write issue exists in the XML parser functionality. A specially crafted .fadein file can trigger this issue, potentially allowing an attacker to provide a malicious file a...

EUVD-2020-19763

Malware in sbrugna...

EUVD-2018-15770

Malware in sbrugna...

EUVD-2020-5793

Malware in sbrugna...

EUVD-2020-19761

Malware in sbrugna...

EUVD-2020-19760

Malware in sbrugna...

EUVD-2018-15764

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2010-3703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and...

Linux Distros Unpatched Vulnerability : CVE-2020-1950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23. CVE-2020-1950 Note that Nessus relies ...

Linux Distros Unpatched Vulnerability : CVE-2024-20505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the PDF parsing module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all...

CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-52035

An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...