14 matches found

EUVD
added 2026/05/28 5:20 p.m. | 7 views

EUVD-2026-32961

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync targets. Affects users who import bookmark JSON files or who have electerm sync configured...

CVSS 9.4 | AI score 6.5 | EPSS 0.00047
Exploits: 0 | References: 1

Cvelist
added 2026/05/28 5:20 p.m. | 23 views

CVE-2026-45058 electerm: Import unsafe bookmark data could lead to unsafe operation when click local type bookmark

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync targets. Affects users who import bookmark JSON files or who have electerm sync configured...

CVSS 9.4 | EPSS 0.00047
Exploits: 0 | References: 1

ATTACKERKB
added 2026/05/28 5:20 p.m. | 4 views

CVE-2026-45058

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync targets. Affects users who import bookmark JSON files or who have electerm sync configured...

CVSS 9.4 | AI score 6.5 | EPSS 0.00047
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2026/05/28 5:20 p.m. | 7 views

CVE-2026-45058

The CVE-2026-45058 issue affects electerm (versions 3.8.8 and earlier). The root cause is persistent local-pty code execution via imported bookmarks or compromised sync targets, allowing an attacker to inject exec* fields or global config. This can cause remote code to run when a bookmark is open...

CVSS 9.4 | AI score 6.5 | EPSS 0.00047
Exploits: 0 | References: 1

Github Security Blog
added 2026/05/14 8:15 p.m. | 5 views

Electerm: Importing unsafe bookmark data could lead to unsafe operation when clicking local type bookmark

Impact Persistent local-pty code execution via imported bookmarks or compromised sync targets. Affects users who import bookmark JSON files or who have electerm sync configured gist/WebDAV. The attacker can inject exec fields or global config to cause remote code to run when a bookmark is opened ...

CVSS 9.4 | AI score 6.5 | EPSS 0.00047
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack
added 2026/05/14 8:15 p.m. | 3 views

NPM: Electerm: Importing unsafe bookmark data could lead to unsafe operation when clicking local type bookmark

NPM: Electerm: Importing unsafe bookmark data could lead to unsafe operation when clicking local type bookmark vulnerability discovered by ? in WordPress Npm electerm versions = 3.8.8...

CVSS 9.4 | AI score 5.8 | EPSS 0.00047
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2026/05/14 8:15 p.m. | 1 view

GHSA-JGG9-RW32-44PJ Electerm: Importing unsafe bookmark data could lead to unsafe operation when clicking local type bookmark

Impact Persistent local-pty code execution via imported bookmarks or compromised sync targets. Affects users who import bookmark JSON files or who have electerm sync configured gist/WebDAV. The attacker can inject exec fields or global config to cause remote code to run when a bookmark is opened ...

CVSS 9.4 | AI score 6.5 | EPSS 0.00047
Exploits: 0 | References: 2

RedhatCVE
added 2025/11/18 12:11 a.m. | 5 views

CVE-2025-63917

PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity XXE references. The application uses .NET's XmlDocument class without disabling external entity resolution, enabling attackers to: Read arbitrary files from the victim's filesystem,...

CVSS 7.1 | AI score 7.1 | EPSS 0.00084
Exploits: 1 | References: 1

EUVD
added 2025/11/17 6:30 p.m. | 3 views

EUVD-2025-197810

PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity XXE references. The application uses .NET's XmlDocument class without disabling external entity resolution, enabling attackers to: Read arbitrary files from the victim's filesystem,...

CVSS 7.1 | AI score 6.6 | EPSS 0.00084
Exploits: 1 | References: 4

NVD
added 2025/11/17 5:15 p.m. | 1 view

CVE-2025-63917

PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity XXE references. The application uses .NET's XmlDocument class without disabling external entity resolution, enabling attackers to: Read arbitrary files from the victim's filesystem,...

CVSS 7.1 | EPSS 0.00084
Exploits: 1 | References: 3

OSV
added 2025/11/17 5:15 p.m. | 2 views

CVE-2025-63917

PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity XXE references. The application uses .NET's XmlDocument class without disabling external entity resolution, enabling attackers to: Read arbitrary files from the victim's filesystem,...

CVSS 7.1 | AI score 5.9
Exploits: 0 | References: 3

Positive Technologies
added 2025/11/17 12:0 a.m. | 9 views

PT-2025-47167

Name of the Vulnerable Software and Affected Versions PDFPatcher versions through 1.1.3.4663 Description The software does not properly restrict XML external entity XXE references in its XML bookmark import functionality. The application utilizes .NET’s XmlDocument class without disabling externa...

CVSS 7.1 | AI score 6.7 | EPSS 0.00084
Exploits: 1 | References: 6

OSV
added 2023/12/11 1:1 p.m. | 7 views

OPENSUSE-SU-2023:0397-1 Security update for opera

This update for opera fixes the following issues: - Update to 105.0.4970.34 DNA-112796 Import Import bookmarks and history don't work DNA-113147 Add strength setting for Lucid Mode DNA-113148 Update 'Lucid Mode' button on videos to enable / disable split preview DNA-113287 Add strength setting fo...

CVSS 9.6 | AI score 9.4 | EPSS 0.01934
Exploits: 0 | References: 7

Packet Storm
added 1999/09/19 12:0 a.m. | 26 views

ie5_vulnerabilities.txt

Subject: IE 5.0 security vulnerabilities - ImportExportFavorites - at least creating and overwriting files, probably executing programs To: [email protected] Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer...

Exploits: 0