12 matches found
Security Bulletin: IBM i Access Client Solutions is vulnerable to an attacker carrying out an XML External Entity injection via a crafted XFA file inside of a PDF (CVE-2025-66516)
Summary: IBM i Access Client Solutions is vulnerable to an attacker carrying out an XML External Entity injection via a crafted XFA file inside of a PDF (CVE-2025-66516). Apache Tika is used by the Run SQL Scripts feature of IBM i Access Client Solutions to determine the content type of binary colum...
Critical: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14.2 for Spring Boot release.
Red Hat build of Apache Camel 4.14.2 for Spring Boot patch release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Linux Distros Unpatched Vulnerability : CVE-2018-1335
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line o...
EUVD-2018-0614
Malware in sbrugna...
EUVD-2019-0618
Malware in sbrugna...
EUVD-2018-0628
Malware in sbrugna...
CVE-2025-54988 vulnerabilities
Vulnerabilities for packages: elasticsearch, elasticsearch-fips, opensearch...
USN-7529-1 tika vulnerabilities
It was discovered that Apache Tika can have an excessive memory usage by using a crafted or corrupt PSD file. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-1950, CVE-2020-1951) It was discovered that Apache Tika...
PT-2022-20015 · Apache +4 · Apache Tika +4
Name of the Vulnerable Software and Affected Versions: Apache Tika versions prior to 1.28.3; Apache Tika versions prior to 2.4.0. Description: A regular expression in the StandardsText class, used by the StandardsExtractingContentHandler, could lead to a denial of service caused by backtracking on ...
PT-2020-2662 · Apache +2 · Apache Tika +2
Name of the Vulnerable Software and Affected Versions: Apache Tika versions 1.0 through 1.23. Description: The issue is related to excessive memory usage caused by a carefully crafted or corrupt PSD file in Apache Tika's PSDParser. This can lead to a denial of service. The estimated number of...
ai.idylnlp:idylnlp-nlp-language-detection-tika (>=1.0.0 <=1.1.0), au.com.turingg:turingg-files (=0.0.1) +1122 more potentially affected by CVE-2018-11761 via org.apache.tika:tika-core (>=0.10 <=1.19)
org.apache.tika:tika-core MAVEN version =0.10, =1.0.0, =4.2.0, =1.0.68, =3.6.1, =3.11.0, =1.0.0, =4.6.0, =5.6.100, =2.0.6, =1.0.10, =1.0.12, =1.0.32 and more Source cves: CVE-2018-11761 Source advisory: OSV:GHSA-6JQ2-789Q-FFF2...
tika: XML External Entity vulnerability
It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache Tika would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XX...