Lucene search
K

239 matches found

Cvelist
Cvelist
added 2025/09/22 12:0 a.m.9 views

CVE-2025-59800

In Artifex Ghostscript through 10.05.1, ocrbeginpage in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocrline8...

4.3CVSS0.00166EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/22 12:0 a.m.1 views

Artifex Ghostscript 输入验证错误漏洞

Artifex Ghostscript is the United States Artifex company's set of Adobe-based, PostScript and portable document format page description language and compiled into the free software. A heap buffer overflow vulnerability exists in the Artifex Ghostscript ocrbeginpage function, which can be exploite...

5.5CVSS6.3AI score0.00166EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/22 12:0 a.m.3 views

CVE-2025-59800

In Artifex Ghostscript through 10.05.1, ocrbeginpage in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocrline8...

4.3CVSS7AI score0.00166EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/08/21 12:30 a.m.11 views

card-ocr-fastmcp (=1.0.0) potentially affected by CVE-2025-9262 via @wong2/mcp-cli (=1.13.0)

@wong2/mcp-cli NPM version =1.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on @wong2/mcp-cli and may be impacted: - card-ocr-fastmcp =1.0.0 Source cves: CVE-2025-9262 Source advisory: OSV:GHSA-P6RM-483J-37JF...

8.1CVSS6.1AI score0.05236EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/08/20 11:44 p.m.6 views

card-ocr-fastmcp (=1.0.0) potentially affected by CVE-2025-9262 via @wong2/mcp-cli (=1.13.0)

@wong2/mcp-cli NPM version =1.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on @wong2/mcp-cli and may be impacted: - card-ocr-fastmcp =1.0.0 Source cves: CVE-2025-9262 Source advisory: SNYK:JS-WONG2MCPCLI-12205740...

8.1CVSS6.1AI score0.05236EPSS
Exploits1
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-21456 Malicious code in git-ocr (npm)

The package git-ocr was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in git-ocr (npm)

The package git-ocr was found to contain malicious code...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/28 12:0 a.m.4 views

HP PageWide and OfficeJet Printers Local Code Execution (CVE-2020-28416)

HP has identified a security vulnerability with the I.R.I.S. OCR Optical Character Recognition software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution. This plugin only works with Tenable.ot. Please visit...

7.8CVSS7.2AI score0.00366EPSS
Exploits0References2
Securelist
Securelist
added 2025/06/23 8:0 a.m.5 views

SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play

Update 25.06.2025: Apple removed the malicious app from the App Store. In January 2025, we uncovered the SparkCat spyware campaign, which was aimed at gaining access to victims' crypto wallets. The threat actor distributed apps containing a malicious SDK/framework. This component would wait for a...

6.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:13 p.m.5 views

CVE-2021-36081

Tesseract OCR 5.0.0-alpha-20201231 has a oneellconflict use-after-free during a strpbrk call...

7.8CVSS6.9AI score0.00887EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/11 12:5 a.m.7 views

CVE-2025-32036

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. The algorithm used to generate the captcha image shows the least complexity of the desired image. For this reason, the created image can be easily read by OCR tools, and the intruder can send...

6.5CVSS6.6AI score0.00271EPSS
Exploits0References1
NVD
NVD
added 2025/04/08 6:16 p.m.10 views

CVE-2025-32036

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. The algorithm used to generate the captcha image shows the least complexity of the desired image. For this reason, the created image can be easily read by OCR tools, and the intruder can send...

6.5CVSS0.00271EPSS
Exploits0References2
OSV
OSV
added 2025/04/08 6:6 p.m.6 views

CVE-2025-32036 DNN allows the possibility of bypassing Captcha

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. The algorithm used to generate the captcha image shows the least complexity of the desired image. For this reason, the created image can be easily read by OCR tools, and the intruder can send...

4.2CVSS6.4AI score0.00271EPSS
Exploits0References4
CVE
CVE
added 2025/04/08 6:6 p.m.67 views

CVE-2025-32036

CVE-2025-32036 affects DNN (DotNetNuke) where the captcha generation algorithm has low complexity, enabling OCR-based bypass of CAPTCHA. Multiple connected sources (PT-Security and Red Hat advisories) confirm the issue and identify the fixed version as 9.13.8, with prior versions vulnerable. Prac...

6.5CVSS6.8AI score0.00271EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/04/08 6:6 p.m.11 views

CVE-2025-32036 DNN allows the possibility of bypassing Captcha

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. The algorithm used to generate the captcha image shows the least complexity of the desired image. For this reason, the created image can be easily read by OCR tools, and the intruder can send...

4.2CVSS0.00271EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-36081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tesseract OCR 5.0.0-alpha-20201231 has a oneellconflict use-after-free during a strpbrk call. CVE-2021-36081 Note that Nessus relies on the presence of the...

7.8CVSS7.1AI score0.00887EPSS
Exploits1References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/28 4:25 p.m.4 views

Malicious code in cmp-ocr-liveness-acquisition (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 867eeaa4b91a53b10e36a59a627a3ea2e8164a4ec9b0d9f3829fb936f71330bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Securelist
Securelist
added 2025/02/05 8:0 a.m.12 views

Take my money: OCR crypto stealers in Google Play and App Store

Update 07.02.2025: Google removed malicious apps from Google Play. Update 06.02.2025: Apple removed malicious apps from the App Store. In March 2023, researchers at ESET discovered malware implants embedded into various messaging app mods. Some of these scanned users' image galleries in search of...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-38680

Name of the Vulnerable Software and Affected Versions Artifex Ghostscript versions through 10.05.1 Description The ocr begin page function within devices/gdevpdfocr.c is susceptible to an integer overflow, which can result in a heap-based buffer overflow in the ocr line8 function. Recommendations...

5.5CVSS6AI score0.00188EPSS
Exploits0References48
Malwarebytes
Malwarebytes
added 2024/10/25 3:56 p.m.12 views

100 million US citizens officially impacted by Change Healthcare data breach

In April, we reported that a “substantial proportion” of Americans may have had their health and personal data stolen in the Change Healthcare breach. That was based on a report provided by the UnitedHealth Group after the February cyberattack on its subsidiary Change Healthcare. The attack on...

7.4AI score
Exploits0
Rows per page
Query Builder