157 matches found
EUVD-2013-4081
Malware in sbrugna...
EUVD-2018-0507
Malware in sbrugna...
EUVD-2021-20194
Malware in sbrugna...
EUVD-2022-2955
Malicious code in bioql PyPI...
EUVD-2022-25948
Malicious code in bioql PyPI...
EUVD-2025-10668
Malicious code in bioql PyPI...
Security Bulletin: IBM InfoSphere Information Server is affected by an improper input validation vulnerability in Apache POI (CVE-2025-31672)
Summary An improper input validation vulnerability in Apache POI that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xls...
Security Bulletin: Improper Input Validation in Apache POI OOXML Parsing Allows Ambiguity with Duplicate ZIP Entries (Fixed in poi-ooxml 5.4.0) affects watsonx.data
Summary Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In...
Linux Distros Unpatched Vulnerability : CVE-2016-4434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity XXE...
Security Bulletin: There is a vulnerability in poi-ooxml-5.3.0.jarused by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-31672)
Summary There is a vulnerability in poi-ooxml-5.3.0.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like...
Improper Input Validation
org.apache.poi:poi-ooxml is vulnerable to Improper Input validation. The vulnerability is due to improper input validation due to the lack of checks for duplicate ZIP entry names in OOXML files, which can lead to inconsistent parsing behavior across different products...
Apache POI < 5.4.0 Improper Input Validation
The version of Apache POI installed on the remote host is a version prior to 5.4.0. It is, therefore, affected by an improper input validation vulnerability. The issue affects the parsing of OOXML format files like xlsx, docx, and pptx. These file formats are essentially zip files, and it is...
CVE-2025-31672
A flaw was found in Apache POI's poi-ooxml component. This vulnerability allows attackers to manipulate file parsing behavior via specially crafted OOXML files containing ZIP entries with duplicate file names. Different systems can interpret these files differently, leading to inconsistent data...
Apache POI OOXML Vulnerable to Improper Input Validation in OOXML File Parsing
Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...
GHSA-GMG8-593G-7MV3 Apache POI OOXML Vulnerable to Improper Input Validation in OOXML File Parsing
Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...
ai.chat2db.excel:easyexcel-plus (=0.0.1), ai.chat2db.excel:easyexcel-plus-core (=0.0.1) +7055 more potentially affected by CVE-2025-31672 via org.apache.poi:poi-ooxml (>=3.5-FINAL <=5.3.0)
org.apache.poi:poi-ooxml MAVEN version =3.5-FINAL, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.0.0, =0.5.1, =1.1.0 and more Source cves: CVE-2025-31672 Source advisory: OSV:GHSA-GMG8-593G-7MV3...
Improper Input Validation
Overview org.apache.poi:poi-ooxml is a Java API To Access Microsoft Format Files. Affected versions of this package are vulnerable to Improper Input Validation due to the parsing process of OOXML format files. An attacker can manipulate the file content by adding zip entries with duplicate names,...
ai.chat2db.excel:easyexcel-plus (=0.0.1), ai.chat2db.excel:easyexcel-plus-core (=0.0.1) +3470 more potentially affected by CVE-2025-31672 via org.apache.poi:poi-ooxml (>=5.0.0 <=5.3.0)
org.apache.poi:poi-ooxml MAVEN version =5.0.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.0.0, =0.5.1, =1.1.0 and more Source cves: CVE-2025-31672 Source advisory: SNYK:JAVA-ORGAPACHEPOI-9685010...
CVE-2025-31672
Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...
CVE-2025-31672
CVE-2025-31672 is an Improper Input Validation issue in Apache POI’s OOXML parsing. The root cause is acceptance of duplicate zip entry names (including paths) within OOXML files (xlsx/docx/pptx), which can cause reads of different data depending on which duplicate entry is chosen. Affects poi-oo...