11 matches found
CVE-2026-44020 Docling: Unsafe XML Entity Expansion in USPTO Patent Backend
Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2.74.0, the USPTO patent XML parser used the standard xml.sax.parseString without protection against XML External Entity XXE attacks. An attacker could...
Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools
Chinese companies linked to the state-sponsored hacking group known as Silk Typhoon aka Hafnium have been identified as behind over a dozen technology patents, shedding light on the shadowy cyber contracting ecosystem and its offensive capabilities. The patents cover forensics and intrusion tools...
brevets-patents.ic.gc.ca Cross Site Scripting vulnerability OBB-3874799
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
brevets-patents.ic.gc.ca Cross Site Scripting vulnerability OBB-3430208
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Mageia: Security Advisory (MGASA-2017-0434)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
patents.com XSS vulnerability
Open Bug Bounty ID: OBB-539521 Description| Value ---|--- Affected Website:| patents.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
MGASA-2017-0434 Updated lame packages fix security vulnerabilities
LAME 3.100 has been released including fixes to security vulnerabilities. Note the MP3 patents have expired...
Updated lame packages fix security vulnerabilities
LAME 3.100 has been released including fixes to security vulnerabilities. Note the MP3 patents have expired...
Apple Patents Technology to remotely disable your iPhone Camera at Concerts
Here's something you'll not like at all: Apple has been awarded a patent for technology that would prevent you from snapping pictures and shooting videos with your iPhone or iPad at places or events, like concerts or museums, where it might be prohibited or inappropriate. The patent, granted on...
ancowipers.com XSS vulnerability
Open Bug Bounty ID: OBB-100228 Description| Value ---|--- Affected Website:| ancowipers.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
Google Acquires Device Maker Motorola Mobility for $12.5b
HED: Google Device Maker Motorola Mobility DEK: The company will double down on the mobile space with its $12.5b purchase of Motorola Mobility Search giant Google announced a major move into the mobile device space on Monday with a $12.5 billion purchase of Motorola Mobility Holdings. The deal,...