Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
electron vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5090
Electron Inc. Advanced Electron Forum prior to 1.0.7 allows remote malicious users to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.
Anelectron Advanced Electron Forum
Anelectron Advanced Electron Forum 1.0.2
Anelectron Advanced Electron Forum 1.0.5
Anelectron Advanced Electron Forum 1.0.3
Anelectron Advanced Electron Forum 1.0.1
Anelectron Advanced Electron Forum 1.0.4
1 EDB exploit
6.1
CVSSv3
CVE-2022-36077
The Electron framework enables writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions before 21.0.0-beta.1, 20.0.1, 19.0.11, and 18.3.7, Electron is vulnerable to Exposure of Sensitive Information. When following a redirect, Electron delays a chec...
Electronjs Electron
Electronjs Electron 21.0.0
6.6
CVSSv3
CVE-2023-39956
Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Electron apps that are launched as command line executables are impacted. Specifically this issue can only be exploited if the following conditions are met: 1. The app...
Electronjs Electron
Electronjs Electron 26.0.0
8.8
CVSSv3
CVE-2018-1000006
GitHub Electron versions 1.8.2-beta.3 and previous versions, 1.7.10 and previous versions, 1.6.15 and previous versions has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked i...
Atom Electron 1.8.2
Atom Electron
2 EDB exploits
2 Github repositories
2 Articles
8.1
CVSSv3
CVE-2018-1000136
Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0.0-beta.3 contains an improper handling of values vulnerability in Webviews that can result in remote code execution. This attack appear to be exploitable via an app which allows execution of 3rd party code AND...
Electronjs Electron 2.0.0
Electronjs Electron
1 Article
5
CVSSv3
CVE-2022-21718
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` allows renderers to obtain access to a bluetooth device via the web bluetooth ...
Electronjs Electron
Electronjs Electron 17.0.0
9.9
CVSSv3
CVE-2020-4077
In Electron prior to 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass. Code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using both `contextIsolation` and `contextBridge` are...
Electronjs Electron 9.0.0
Electronjs Electron
8.8
CVSSv3
CVE-2018-1000118
Github Electron version Electron 1.8.2-beta.4 and previous versions contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This v...
Electronjs Electron 1.8.2
Electronjs Electron
1 Github repository
9
CVSSv3
CVE-2020-4076
In Electron prior to 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass. Code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using contextIsolation are affected. This is fixed in...
Electronjs Electron 9.0.0
Electronjs Electron
5.9
CVSSv3
CVE-2016-10534
electron-packager is a command line tool that packages Electron source code into `.app` and `.exe` packages. along with Electron. The `--strict-ssl` command line option in electron-packager >= 5.2.1 <= 6.0.0 || >=6.0.0 <= 6.0.2 defaults to false if not explicitly set ...
Electron-packager Project Electron-packager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »