Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

F5 Networks
F5 Networksadded 2026/01/19 5:9 a.m.10 views

K000159609: Apache Tika vulnerability CVE-2025-66516

Security Advisory Description Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and tika-parsers 1.13-1.28.5 modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. This CVE covers the same...

9.8CVSS7AI score0.01579EPSS
Exploits5
Tenable Nessus
Tenable Nessusadded 2025/12/11 12:0 a.m.5 views

Apache Tika < 3.2.2 XML External Entity

According to its banner, the version of Apache Tika running on the remote host is prior to 3.2.2. It is, therefore, affected by an XML External Entity XXE vulnerability via a crafted XFA file inside of a PDF. Note that the scanner has not tested for these issues but has instead relied only on the...

9.8CVSS7.1AI score0.01579EPSS
Exploits5References2
Vulnrichment
Vulnrichmentadded 2025/12/04 4:17 p.m.7 views

CVE-2025-66516 Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected

Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and tika-parsers 1.13-1.28.5 modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. This CVE covers the same vulnerability as in CVE-2025-54988...

8.4CVSS8.4AI score0.01579EPSS
Exploits5References2
Tenable Nessus
Tenable Nessusadded 2025/12/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-66516

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and tika-parsers 1.13-1.28.5 modules on all platforms allows an attacker to carry...

9.8CVSS7.3AI score0.01579EPSS
Exploits6References2
CNNVD
CNNVDadded 2025/12/04 12:0 a.m.5 views

Apache Tika 代码问题漏洞

Apache Tika is a collection of content extraction tools from the Apache Foundation that integrates POI an open source library that uses Java programs to provide read and write functionality for Microsoft Office-formatted documents, Pdfbox a pure Java class library for reading and creating PDF...

9.8CVSS8.6AI score0.01579EPSS
Exploits6References3
OSV
OSVadded 2016/10/31 10:59 a.m.1 views

CVE-2016-8878

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return...

8.8CVSS6.1AI score
Exploits0References2
Rows per page
Query Builder