4 matches found
CVE-2024-27303
creationtimestamp| type| source ---|---|--- 2024-03-06 20:26:52+00:00| seen| https://t.me/ctinow/201762 2024-03-06 20:36:25+00:00| seen| https://t.me/ctinow/201783...
CVE-2024-27303
The CVE-2024-27303 vulnerability affects electron-builder’s NSIS installer prior to 24.13.2 on Windows. The NSIS installer runs NSExec, which by default searches the install folder before PATH. If an attacker places a malicious cmd.exe in the same folder as the installer, that executable can be e...
CVE-2024-27303 electron-builder's NSIS installer - execute arbitrary code on the target machine (Windows only)
electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects eletron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the .nsh...
@abcum/ember-app (>=0.1.0 <=0.12.0), @abcum/ember-contextmenu (>=3.0.5 <=4.0.1) +176 more potentially affected by CVE-2024-27303 via app-builder-lib (>=20.24.0 <=24.13.1)
app-builder-lib NPM version =20.24.0, =0.1.0, =3.0.5, =0.1.0, =1.0.0, =0.0.10, =0.0.1, =0.0.1-alpha.0, =0.0.1, =1.0.1, =1.0.1, =1.0.5, =0.0.24, =0.39.0, =1.17.0 and more Source cves: CVE-2024-27303 Source advisory: OSV:GHSA-R4PF-3V7R-HH55...