Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
electron vulnerabilities and exploits
(subscribe to this query)
9.6
CVSSv3
CVE-2019-20374
A mutation cross-site scripting (XSS) issue in Typora up to and including 0.9.9.31.2 on macOS and up to and including 0.9.81 on Linux leads to Remote Code Execution through Mermaid code blocks. To exploit this vulnerability, one must open a file in Typora. The XSS vulnerability i...
Typora Typora
5.5
CVSSv3
CVE-2022-39381
Muhammara is a node module with c/cpp bindings to modify PDF with js for node or electron (based/replacement on/of galkhana/hummusjs). The package muhammara prior to 2.6.0; all versions of package hummus are vulnerable to Denial of Service (DoS) when supplied with a maliciously c...
Pdfhummus Hummusjs
Muhammarajs Project Muhammarajs
9.8
CVSSv3
CVE-2022-28005
An issue exists in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server (via /Electron/download directory traversal in conjunction with a path component that ...
3cx 3cx
7.5
CVSSv3
CVE-2022-41957
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara prior to 2.6.2 and from 3.0.0 and prior to 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service (...
Muhammara Project Muhammara
Hummus Project Hummus
8.8
CVSSv3
CVE-2024-21625
SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol (`sidequest://`) to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs ...
Sidequestvr Sidequest
5.3
CVSSv3
CVE-2022-36083
JOSE is "JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS with no dependencies using runtime's native crypto in Node.js, Browser, Cloudflare Workers, Electron, and Deno. The PBKDF2-based JWE key management algorithms expect a JOSE Header Parameter named ...
Jose Project Jose
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7