Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2024-3420

Malicious code in bioql PyPI...

2.3CVSS6.5AI score0.12493EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/05/23 10:47 a.m.6 views

CVE-2024-52800

veraPDF is an open source PDF/A validation library. Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution RCE vulnerability. This doesn't affect the standard validation and policy checks functionality...

2.3CVSS7.8AI score0.12493EPSS
Exploits0References1
OSV
OSVadded 2024/12/02 5:15 p.m.2 views

GHSA-4CX5-89VM-833X veraPDF CLI has potential XXE (XML External Entity Injection) vulnerability

Impact Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution RCE vulnerability. Patches We are currently working on a patch that will be released when ready. Workarounds This doesn't affect the standa...

2.3CVSS6.4AI score0.12493EPSS
Exploits0References4
CVE
CVEadded 2024/11/29 6:20 p.m.52 views

CVE-2024-52800

The CVE-2024-52800 issue affects veraPDF: when executing policy checks via the CLI using custom Schematron-based policy files, an XSL transformation may enable a remote code execution (RCE) or XXE-type vector. The vulnerability concerns the policy-check workflow (policy profiles with user-provide...

2.3CVSS7.7AI score0.12493EPSS
Exploits0References2
OSV
OSVadded 2024/11/29 6:20 p.m.2 views

CVE-2024-52800 Potential XXE (XML External Entity Injection) vulnerability in veraPDF CLI

veraPDF is an open source PDF/A validation library. Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution RCE vulnerability. This doesn't affect the standard validation and policy checks functionality...

2.3CVSS7.8AI score0.12493EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2024/11/03 12:0 a.m.4 views

PT-2024-8938 · Verapdf · Verapdf

Name of the Vulnerable Software and Affected Versions: veraPDF affected versions not specified Description: The issue is related to the execution of policy checks using custom schematron files via the CLI, which invokes an XSL transformation that may theoretically lead to a remote code execution...

2.3CVSS7.9AI score0.12493EPSS
Exploits0References8
Veracode
Veracodeadded 2024/04/04 10:31 a.m.16 views

XML Injection

verapdf is vulnerable to Remote Code Execution RCE. The vulnerability is caused by executing policy checks using custom schematron files, which invokes an XSL transformation that could lead to code execution...

8.1CVSS7.6AI score0.01159EPSS
Exploits0References5Affected Software2
Positive Technologies
Positive Technologiesadded 2024/03/28 12:0 a.m.4 views

PT-2024-22267 · Unknown · Verapdf-Library

Name of the Vulnerable Software and Affected Versions: veraPDF-library versions prior to 1.24.2 Description: The veraPDF-library, a PDF/A validation library, has a remote code execution RCE vulnerability when executing policy checks using custom schematron files. This invokes an XSL transformatio...

8.1CVSS8.1AI score0.01159EPSS
Exploits0References11
Rows per page
Query Builder