Lucene search
K

192 matches found

Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.12 views

PT-2026-55311

Name of the Vulnerable Software and Affected Versions pdfcpu versions prior to 0.11.2 Description A denial-of-service issue exists where the parser descends recursively through nested PDF objects, including arrays, without enforcing a maximum nesting depth. This occurs within the ParseObjectConte...

7.5CVSS5.9AI score0.00451EPSS
Exploits0References5
OSV
OSV
added 2026/06/26 8:55 p.m.13 views

GHSA-FHP4-PR5J-46M5 Muhammara has a NULL pointer dereference in LZWDecode filter when DecodeParms omits EarlyChange key

Summary A NULL pointer dereference vulnerability exists in PDFParser::CreateFilterForStream when processing a PDF stream with /Filter /LZWDecode and a /DecodeParms dictionary that does not contain the EarlyChange key. This causes an access violation 0xC0000005 and crashes the process. Affected...

7.5CVSS5.8AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.7 views

MiracleLinux 3 : tetex-3.0-33.15.1.0.1.AXS3 (AXSA:2012-906:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-906:01 advisory. TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a...

7.6CVSS6.5AI score0.1427EPSS
Exploits0References9
GithubExploit
GithubExploit
added 2025/12/06 4:21 a.m.712 views

Exploit for Improper Restriction of XML External Entity Reference in Apache Tika

Apache Tika XXE Vulnerability Tester CVE-2025-54988 A compr...

9.8CVSS9.2AI score0.02962EPSS
Exploits4
Github Security Blog
Github Security Blog
added 2025/12/04 6:30 p.m.12 views

Apache Tika has XXE vulnerability

Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and tika-parsers 1.13-1.28.5 modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. This CVE covers the same vulnerability as in CVE-2025-54988...

9.8CVSS7.2AI score0.79807EPSS
Exploits5References4Affected Software3
EUVD
EUVD
added 2025/10/17 12:31 a.m.5 views

EUVD-2025-34838

In Xpdf 4.05 and earlier, a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow...

2.1CVSS6.4AI score0.0016EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-3685

Malware in sbrugna...

7.5CVSS6.4AI score0.03597EPSS
Exploits0References55
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-3687

Malware in sbrugna...

7.5CVSS6.4AI score0.03597EPSS
Exploits0References48
EUVD
EUVD
added 2025/10/07 12:30 a.m.28 views

EUVD-2020-27228

Malware in sbrugna...

8.8CVSS8.8AI score0.40879EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-1798

Malware in sbrugna...

5.5CVSS6.4AI score0.01553EPSS
Exploits1References16
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-1797

Malware in sbrugna...

5.5CVSS7.3AI score0.00974EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-3860

Malware in sbrugna...

5CVSS9.3AI score0.01174EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-0175

Malware in sbrugna...

6.5CVSS6.7AI score0.01635EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-1800

Malware in sbrugna...

7.8CVSS6.9AI score0.01848EPSS
Exploits1References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-1801

Malware in sbrugna...

5.5CVSS6.4AI score0.01474EPSS
Exploits1References13
Veracode
Veracode
added 2025/09/17 5:42 a.m.9 views

XML External Entity Injection (XXE)

org.apache.tika, tika-parser-pdf-module is vulnerable to XML External Entity XXE injection. The vulnerability is due to improper handling of crafted XFA files inside PDFs, which allows an attacker to read sensitive data or trigger malicious requests to internal or third-party servers...

9.8CVSS7AI score0.02962EPSS
Exploits4References11Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2015-8981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows attackers to have unspecified impact via vectors...

9.8CVSS7.5AI score0.02618EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-8378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service...

9.8CVSS7.4AI score0.02172EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/08/20 9:30 p.m.9 views

ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +326 more potentially affected by CVE-2025-54988 via org.apache.tika:tika-parser-pdf-module (>=2.0.0-ALPHA <=3.2.1)

org.apache.tika:tika-parser-pdf-module MAVEN version =2.0.0-ALPHA, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.2.0, =1.0.3.1-JDK21, =1.0.0, =1.0.0, =1.0, =1.4 and more Source cves: CVE-2025-54988 Source advisory: OSV:GHSA-P72G-PV48-7W9X...

9.8CVSS7.5AI score0.02962EPSS
Exploits4
Vulnrichment
Vulnrichment
added 2025/08/20 8:8 p.m.8 views

CVE-2025-54988 Apache Tika PDF parser module: XXE vulnerability in PDFParser's handling of XFA

Critical XXE in Apache Tika tika-parser-pdf-module in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to...

8.4CVSS7.1AI score0.02962EPSS
Exploits4References1
Rows per page
Query Builder