12 matches found
External Control of File Name or Path
Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to External Control of File Name or Path in backend/htmlbackend.py, which ...
Security Updates for Microsoft Word Products C2R (May 2026)
The Microsoft Word Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVE-2026-40361, CVE-2026-40366 - Access of resource using incompatible type 'type...
Zoom Workplace VDI Plugin Windows Universal Installer 安全漏洞
The Zoom Workplace VDI Plugin Windows Universal Installer is a Windows plugin provided by the US company Zoom, designed for use in virtual desktop infrastructure environments. Versions of the Zoom Workplace VDI Plugin Windows Universal Installer prior to version 6.6.11 contained security...
Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability
Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore routeup functionality of Tp-Link...
External Control of File Name or Path
Overview @evomap/evolver is an A GEP-powered self-evolution engine for AI agents. Features automated log analysis and Genome Evolution Protocol GEP for auditable, reusable evolution assets. Affected versions of this package are vulnerable to External Control of File Name or Path via the fetch...
PT-2026-20756
Dell Unisphere for PowerMax, versions 10.2, contains an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...
Siemens RUGGEDCOM APE1808, SIMATIC S7-1500 External Control of File Name or Path (CVE-2023-38546)
This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates easy handles that are the individual handles for single transfers. libcurl provides a function...
EUVD-2021-27088
Malware in sbrugna...
EUVD-2025-20616
Malicious code in bioql PyPI...
CVE-2023-6569
External Control of File Name or Path in h2oai/h2o-3...
CVE-2022-2400
External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0...
PT-2022-10731 · Ws-Scrcpy · Ws-Scrcpy
Name of the Vulnerable Software and Affected Versions: ws-scrcpy affected versions not specified Description: The issue allows for external control of file name or path. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...