Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typora typora vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-7295
typora up to and including 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula.
Typora Typora
6.1
CVSSv3
CVE-2019-7296
typora up to and including 0.9.64 has XSS, with resultant remote command execution, during inline rendering of a mathematical formula.
Typora Typora
7.4
CVSSv3
CVE-2020-18336
Cross Site Scripting (XSS) vulnerability found in Typora v.0.9.65 allows a remote malicious user to obtain sensitive information via the PDF file exporting function.
Typora Typora 0.9.65
6.1
CVSSv3
CVE-2020-18748
Cross Site Scripting (XSS) in Typora v0.9.65 allows malicious users to execute arbitrary code via mathjax syntax due to a mathjax configuration error in the mathematical formula blocks. This is a different vulnerability from CVE-2020-18221.
Typora Typora 0.9.65
7.8
CVSSv3
CVE-2019-12137
Typora 0.9.9.24.6 on macOS allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note.
Typora Typora 0.9.9.24.6
7.8
CVSSv3
CVE-2019-12172
Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137.
Typora Typora 0.9.9.21.1
6.1
CVSSv3
CVE-2020-21058
Cross Site Scripting vulnerability in Typora v.0.9.79 allows a remote malicious user to execute arbitrary code via the mermaid sytax.
Typora Typora 0.9.79
6.1
CVSSv3
CVE-2020-18737
An issue exists in Typora 0.9.67. There is an XSS vulnerability that causes Remote Code Execution.
Typora Typora 0.9.67
NA
CVE-2024-33300
Typora v1.0.0 through v1.7 version (below) Markdown editor has a cross-site scripting (XSS) vulnerability, which allows malicious users to execute arbitrary code by uploading Markdown files.
NA
CVE-2024-31783
Cross Site Scripting (XSS) vulnerability in Typora v.1.6.7 and before, allows a local malicious user to obtain sensitive information via a crafted script during markdown file creation.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »