
7 matches found

OSV
added 2026/05/04 5:16 p.m. | 1 view

UBUNTU-CVE-2026-40682

XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor. Versions Affected: before 2.5.9, before 3.0.0-M3. Description: The DictionaryEntryPersistor class initializes a static SAXParserFactory at class-load time without enabling FEATURE_SECURE_PROCESSING ...

9.1 CVSS | 5.8 AI score | 0.00127 EPSS
Exploits: 0 | References: 6

OSV
added 2022/08/25 3:15 p.m. | 0 views

UBUNTU-CVE-2022-22728

A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack...

7.5 CVSS | 7.4 AI score | 0.20249 EPSS
Exploits: 0 | References: 6

OSV
added 2022/05/24 4:59 p.m. | 1 view

GHSA-9JWC-Q6J3-8G9G Improper Restriction of XML External Entity Reference in Apache POI

In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing...

5.5 CVSS | 6.8 AI score | 0.00033 EPSS
Exploits: 0 | References: 15

OSV
added 2018/09/21 4:26 p.m. | 2 views

MGASA-2018-0381 Updated xml-security-c packages fix security vulnerability

It was discovered that the Apache XML Security for C++ library performed insufficient validation of KeyInfo hints, which could result in denial of service via NULL pointer dereferences when processing malformed XML data...

7.2 AI score
Exploits: 0 | References: 3

RedHat Linux
added 2018/05/31 4:41 p.m. | 2 views

xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag

A flaw was discovered in the Apache XML-RPC (ws-xmlrpc) library that deserializes untrusted data when the enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in an <ex:serializable> element...

9.8 CVSS | 6.2 AI score | 0.41523 EPSS
Exploits: 1 | References: 4

RedHat Linux
added 2018/05/03 7:4 p.m. | 1 view

poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: (1) Infinite Loops while parsing crafted WMF, EMF, MSG and macros (POI bugs 61338 and 61294), and (2) Out of Memory Exceptions while parsing crafted DOC, PPT and XLS (POI bugs 52372 and 61295)...

7.5 CVSS | 7.2 AI score | 0.01114 EPSS
Exploits: 3 | References: 4

Cvelist
added 2004/09/17 4:0 a.m. | 30 views

CVE-2004-0786

The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool...

7.3 AI score | 0.48362 EPSS
Exploits: 0 | References: 20