Lucene search
K

157 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2013-4081

Malware in sbrugna...

6.8CVSS6.1AI score0.03958EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-0507

Malware in sbrugna...

7.8CVSS7.7AI score0.03449EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-20194

Malware in sbrugna...

6.5CVSS6.4AI score0.02435EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2955

Malicious code in bioql PyPI...

7.1CVSS5.8AI score0.04595EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-25948

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.03061EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-10668

Malicious code in bioql PyPI...

5.3CVSS6AI score0.01286EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/29 8:55 p.m.6 views

Security Bulletin: IBM InfoSphere Information Server is affected by an improper input validation vulnerability in Apache POI (CVE-2025-31672)

Summary An improper input validation vulnerability in Apache POI that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xls...

5.3CVSS6.3AI score0.01286EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/09 3:13 p.m.4 views

Security Bulletin: Improper Input Validation in Apache POI OOXML Parsing Allows Ambiguity with Duplicate ZIP Entries (Fixed in poi-ooxml 5.4.0) affects watsonx.data

Summary Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In...

5.3CVSS7.1AI score0.01286EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2016-4434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity XXE...

7.8CVSS7.6AI score0.04758EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/26 5:44 a.m.8 views

Security Bulletin: There is a vulnerability in poi-ooxml-5.3.0.jarused by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-31672)

Summary There is a vulnerability in poi-ooxml-5.3.0.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like...

5.3CVSS6.5AI score0.01286EPSS
Exploits0Affected Software1
Veracode
Veracode
added 2025/04/18 6:28 p.m.25 views

Improper Input Validation

org.apache.poi:poi-ooxml is vulnerable to Improper Input validation. The vulnerability is due to improper input validation due to the lack of checks for duplicate ZIP entry names in OOXML files, which can lead to inconsistent parsing behavior across different products...

5.3CVSS6.6AI score0.01286EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/04/11 12:0 a.m.26 views

Apache POI < 5.4.0 Improper Input Validation

The version of Apache POI installed on the remote host is a version prior to 5.4.0. It is, therefore, affected by an improper input validation vulnerability. The issue affects the parsing of OOXML format files like xlsx, docx, and pptx. These file formats are essentially zip files, and it is...

5.3CVSS6.4AI score0.01286EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/09 11:31 p.m.22 views

CVE-2025-31672

A flaw was found in Apache POI's poi-ooxml component. This vulnerability allows attackers to manipulate file parsing behavior via specially crafted OOXML files containing ZIP entries with duplicate file names. Different systems can interpret these files differently, leading to inconsistent data...

4.4CVSS6.7AI score0.01286EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/04/09 12:30 p.m.40 views

Apache POI OOXML Vulnerable to Improper Input Validation in OOXML File Parsing

Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...

5.3CVSS6.5AI score0.01286EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/04/09 12:30 p.m.15 views

GHSA-GMG8-593G-7MV3 Apache POI OOXML Vulnerable to Improper Input Validation in OOXML File Parsing

Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...

6.9CVSS6.1AI score0.01286EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2025/04/09 12:30 p.m.8 views

ai.chat2db.excel:easyexcel-plus (=0.0.1), ai.chat2db.excel:easyexcel-plus-core (=0.0.1) +7055 more potentially affected by CVE-2025-31672 via org.apache.poi:poi-ooxml (>=3.5-FINAL <=5.3.0)

org.apache.poi:poi-ooxml MAVEN version =3.5-FINAL, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.0.0, =0.5.1, =1.1.0 and more Source cves: CVE-2025-31672 Source advisory: OSV:GHSA-GMG8-593G-7MV3...

5.3CVSS6.6AI score0.01286EPSS
Exploits0
Snyk
Snyk
added 2025/04/09 12:30 p.m.2 views

Improper Input Validation

Overview org.apache.poi:poi-ooxml is a Java API To Access Microsoft Format Files. Affected versions of this package are vulnerable to Improper Input Validation due to the parsing process of OOXML format files. An attacker can manipulate the file content by adding zip entries with duplicate names,...

6.9CVSS6.7AI score0.01286EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/04/09 12:30 p.m.7 views

ai.chat2db.excel:easyexcel-plus (=0.0.1), ai.chat2db.excel:easyexcel-plus-core (=0.0.1) +3470 more potentially affected by CVE-2025-31672 via org.apache.poi:poi-ooxml (>=5.0.0 <=5.3.0)

org.apache.poi:poi-ooxml MAVEN version =5.0.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.0.0, =0.5.1, =1.1.0 and more Source cves: CVE-2025-31672 Source advisory: SNYK:JAVA-ORGAPACHEPOI-9685010...

5.3CVSS6.6AI score0.01286EPSS
Exploits0
NVD
NVD
added 2025/04/09 12:15 p.m.20 views

CVE-2025-31672

Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...

5.3CVSS0.01286EPSS
Exploits0References4
CVE
CVE
added 2025/04/09 11:59 a.m.420 views

CVE-2025-31672

CVE-2025-31672 is an Improper Input Validation issue in Apache POI’s OOXML parsing. The root cause is acceptance of duplicate zip entry names (including paths) within OOXML files (xlsx/docx/pptx), which can cause reads of different data depending on which duplicate entry is chosen. Affects poi-oo...

5.3CVSS6.3AI score0.01286EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder