Linux Distros Unpatched Vulnerability : CVE-2023-40474

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...

Autodesk AutoCAD DGN File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DG...

Linux Distros Unpatched Vulnerability : CVE-2018-1000037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service assert crash via a crafted...

Linux Distros Unpatched Vulnerability : CVE-2020-35535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibRaw, there is an out-of-bounds read vulnerability within the LibRaw::parseSonySRF function libraw\src\metadata\sony.cpp when processing srf files...

Linux Distros Unpatched Vulnerability : CVE-2018-1000039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or caus...

Linux Distros Unpatched Vulnerability : CVE-2023-26819

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as a: true, b:...

Apache Tika 1.13 - 3.2.1 XXE Vulnerability

Apache Tika is prone to an XML external entity XXE vulnerability in the tika-parser-pdf-module. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

The Silent, Fileless Threat of VShell

The Silent, Fileless Threat of VShell By Sagar Bade · August 21, 2025 Introduction Linux environments are often seen as bastions of security, favored by developers, sysadmins, and security professionals for their stability, transparency, and resistance to malware. Compared to Windows, the attack...

CVE-2025-54988

An XML External Entity injection flaw was found in the Apache Tika tika-parser-pdf-module. This vulnerability allows an attacker to provide a crafted XFA file within a PDF, read sensitive data, or trigger malicious requests to internal resources or third-party servers. Mitigation Mitigation for...

Apache Tika XXE Vulnerability via Crafted XFA File Inside a PDF

Critical XXE in Apache Tika tika-parser-pdf-module in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to...

CVE-2025-54988

Critical XXE in Apache Tika tika-parser-pdf-module in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to...

DEBIAN-CVE-2025-54988

Critical XXE in Apache Tika tika-parser-pdf-module in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to...

CVE-2025-54988

Critical XXE in Apache Tika tika-parser-pdf-module in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to...

CVE-2011-10029

Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashes due to a read access violation in the output1 function of sfsservice.exe. This results in a denial of service DoS condition...

CVE-2011-10029

CVE-2011-10029 affects Solar FTP Server (

CVE-2011-10029

Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashes due to a read access violation in the output1 function of sfsservice.exe. This results in a denial of service DoS condition...

CVE-2011-10029 Solar FTP Server <= 2.1.1 Malformed USER Denial of Service

Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashes due to a read access violation in the output1 function of sfsservice.exe. This results in a denial of service DoS condition...

CVE-2011-10029 Solar FTP Server <= 2.1.1 Malformed USER Denial of Service

Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashes due to a read access violation in the output1 function of sfsservice.exe. This results in a denial of service DoS condition...

CVE-2011-10024 MJM Core Player 2011 .s3m File Stack-Based Buffer Overflow

MJM Core Player likely now referred to as MJM Player 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute...

USN-7708-1: poppler vulnerability

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service...