GHSA-PJ2V-GGQH-CMQ2 Docling: Unsafe Playwright-based HTML Rendering

Impact In versions = 2.82.0, 2.91.0, if the HTML backend was explicitly configured for rendering rendering option by default deactivated, then the Playwright-based rendering feature could allow JavaScript execution and unrestricted network access when processing untrusted HTML documents. An...

PT-2026-46118

Name of the Vulnerable Software and Affected Versions Docling versions 2.82.0 through 2.90.x Description When the HTML backend is explicitly configured for rendering, the Playwright-based rendering feature allows JavaScript execution and unrestricted network access during the processing of...

PT-2026-46103

Impact In versions = 2.82.0, 2.91.0, if the HTML backend was explicitly configured for rendering rendering option by default deactivated, then the Playwright-based rendering feature could allow JavaScript execution and unrestricted network access when processing untrusted HTML documents. An...

EUVD-2012-6312

Malware in sbrugna...

EUVD-2005-0738

Malware in sbrugna...

EUVD-2019-5106

Malware in sbrugna...

EUVD-2020-27702

Malware in sbrugna...

EUVD-2018-19515

Malware in sbrugna...

EUVD-2023-58812

Malicious code in bioql PyPI...

CVE-2024-6057

Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode feature...

CVE-2023-6588

Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...

CVE-2021-35054

Minecraft before 1.17.1, when online-mode=false is configured, allows path traversal for deletion of arbitrary JSON files...

CVE-2018-7803

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TriStation Emulator V1.2.0, which could cause the emulator to crash when sending a specially crafted packet. The emulator is used infrequently for application logic testing. It is susceptible to an...

CVE-2005-0737

Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode...

Xanthorox AI Surfaces on Dark Web as Full Spectrum Hacking Assistant

New Xanthorox AI hacking platform spotted on dark web with modular tools, offline mode, and advanced voice, image, and code-based cyberattack features...

CVE-2024-6057

Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode feature...

CVE-2024-6057

Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode feature...

CVE-2024-6057

Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode feature...

CVE-2024-6057

CVE-2024-6057 affects Devolutions Remote Desktop Manager (RDM) 2024.1.31.0 and earlier, specifically the vault password feature. The underlying issue is improper authentication that could allow an attacker who already has access to an RDM instance to bypass the vault master password via the offli...

CVE-2024-3545

Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop Manager 2024.1.20 and earlier on windows and Devolutions Server 2024.1.8 and earlier allows an attacker to access sensitive informations contained in the offline cache file by gaining access to a compute...