Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tika vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2015-3271
Apache Tika server (aka tika-server) in Apache Tika 1.9 might allow remote malicious users to read arbitrary files via the HTTP fileUrl header.
Apache Tika 1.9
446
VMScore
CVE-2018-11761
In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.
Apache Tika
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
2 Github repositories
383
VMScore
CVE-2022-25169
The BPG parser in versions of Apache Tika prior to 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.
Apache Tika
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Primavera Unifier 21.12
384
VMScore
CVE-2022-30126
In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, whic...
Apache Tika
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Primavera Unifier 21.12
445
VMScore
CVE-2021-33813
An XXE issue in SAXBuilder in JDOM up to and including 2.0.6 allows malicious users to cause a denial of service via a crafted HTTP request.
Jdom Jdom
Apache Solr 8.8.1
Apache Solr 8.9
Apache Tika 1.25
Debian Debian Linux 9.0
Fedoraproject Fedora 35
Oracle Communications Messaging Server 8.1
1 Github repository
383
VMScore
CVE-2020-1950
A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23.
Apache Tika
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Debian Debian Linux 8.0
Oracle Business Process Management Suite 12.2.1.3.0
Canonical Ubuntu Linux 16.04
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.1
Oracle Communications Messaging Server 8.0.2
383
VMScore
CVE-2021-28657
A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to 1.26 or later.
Apache Tika
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Healthcare Foundation 7.3.0
Oracle Primavera Unifier 20.12
Oracle Communications Messaging Server 8.1
Oracle Healthcare Foundation 8.0.0
Oracle Healthcare Foundation 8.1.0
383
VMScore
CVE-2020-1951
A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23.
Apache Tika
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Debian Debian Linux 8.0
Oracle Business Process Management Suite 12.2.1.3.0
Canonical Ubuntu Linux 16.04
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.1
Oracle Communications Messaging Server 8.0.2
384
VMScore
CVE-2020-9489
A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache...
Apache Tika 1.24
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Messaging Server 8.1
383
VMScore
CVE-2018-12418
Archive.java in Junrar prior to 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files.
Junrar Project Junrar
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »