
10 matches found

BDU FSTEC
added 2025/07/14 12:0 a.m., 1 views

The vulnerability of the PHP library TCPDF, related to deficiencies in the deserialization mechanism, allows attackers to compromise the integrity and accessibility of the protected information.

The vulnerability of the PHP library TCPDF is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected information...

9.7 CVSS, 5.6 AI score
Exploits: 0, References: 1, Affected Software: 1
Tenable Nessus
added 2025/03/06 12:0 a.m., 11 views

Linux Distros Unpatched Vulnerability : CVE-2024-56521

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely. CVE-2024-56521 Note that Ness...

9.8 CVSS, 5.4 AI score, 0.00253 EPSS
Exploits: 0, References: 3
OSV
added 2024/12/27 5:15 a.m., 3 views

DEBIAN-CVE-2024-56522

An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != aka loose comparison and does not use a constant-time function to compare TCPDF tag hashes...

7.5 CVSS, 5.2 AI score, 0.00155 EPSS
Exploits: 0, References: 1
OSV
added 2024/12/27 5:15 a.m., 1 views

DEBIAN-CVE-2024-56521

An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely...

9.8 CVSS, 5.2 AI score, 0.00253 EPSS
Exploits: 0, References: 1
Snyk
added 2024/12/27 4:41 a.m., 2 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the use of loose comparison != and the absence of a constant-time function in the unserializeTCPDFtag method. Details Serialization is a process of converting an object into a sequence of bytes...

9.8 CVSS, 6.9 AI score, 0.00155 EPSS
Exploits: 0, References: 2
OSV
added 2018/09/14 8:29 p.m., 2 views

UBUNTU-CVE-2018-17057

An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper...

9.8 CVSS, 7.4 AI score, 0.52126 EPSS
Exploits: 7, References: 4
OSV
added 2017/02/23 7:59 p.m., 3 views

DEBIAN-CVE-2017-6100

tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP...

7.5 CVSS, 7.5 AI score, 0.0031 EPSS
Exploits: 0, References: 1
Exploit DB
added 2015/05/29 12:0 a.m., 49 views

TCPDF Library 5.9 - Arbitrary File Deletion

TCPDF library Universal POI Payload to Arbitrary File Deletion + Author: Filippo Roncari + Target: TCPDF library + Version: internalencoding AND !empty$this-internalencoding mbinternalencoding$this-internalencoding; // unset all cla...

7.4 AI score
Exploits: 0
0day.today
added 2015/05/24 12:0 a.m., 32 views

TCPDF Library 5.9 Arbitrary File Deletion Vulnerability

TCPDF library versions 5.9 and below suffer from an arbitrary file deletion vulnerability via object injection. TCPDF library Universal POI Payload to Arbitrary File Deletion + Author: Filippo Roncari + Target: TCPDF library + Version: internalencoding...

7.5 AI score
Exploits: 0
securityvulns
added 2010/04/09 12:0 a.m., 26 views

TCPDF library code execution

PHP code execution with tcpdf tag...

2.3 AI score
Exploits: 0, References: 1, Affected Software: 1