65 matches found
Electron 资源管理错误漏洞
Electron is a JavaScript framework developed by users for creating cross-platform desktop applications under the open-source license. This framework is based on Node.js and Chromium, allowing the development of cross-platform desktop applications using HTML and CSS. Versions of Electron prior to...
CVE-2026-34770 Electron: Use-after-free in PowerMonitor on Windows and macOS
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, apps that use the powerMonitor module may be vulnerable to a use-after-free. After the native PowerMonitor object is...
CVE-2026-34770
CVE-2026-34770 concerns Electron apps using the powerMonitor module. The issue is a use-after-free: after the native PowerMonitor object is garbage-collected, OS-level resources (a Windows message window; a macOS shutdown handler) may still reference freed memory. A subsequent session-change even...
EUVD-2026-18939
Electron: Use-after-free in PowerMonitor on Windows and macOS...
Electron: Use-after-free in PowerMonitor on Windows and macOS
Impact Apps that use the powerMonitor module may be vulnerable to a use-after-free. After the native PowerMonitor object is garbage-collected, the associated OS-level resources a message window on Windows, a shutdown handler on macOS retain dangling references. A subsequent session-change event...
EUVD-2018-11302
Malware in sbrugna...
EUVD-2018-11303
Malware in sbrugna...
EUVD-2023-33598
Malicious code in bioql PyPI...
The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 monitoring and control device, related to buffer overflow in dynamic memory, allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 monitoring and control device is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause a service failure...
The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 device, caused by buffer overflows, allows a hacker to trigger a maintenance failure.
The vulnerability of the microprogramming software of the Rockwell Automation PowerMonitor 1000 monitoring and control device is caused by buffer overflow. Exploiting this vulnerability can allow a malicious actor to cause a service failure remotely...
The vulnerability of the application software interface of Rockwell Automation’s PowerMonitor 1000 device for monitoring and controlling electrical networks allows a perpetrator to gain full access to the device.
The vulnerability of the application software interface of Rockwell Automation’s PowerMonitor 1000 monitoring and control device lies in the ability to create a privileged user bypassing the authentication mechanism. Exploiting this vulnerability could allow an intruder to gain full access to the...
Rockwell Automation PowerMonitor 1000 Unprotected Alternate Channel (CVE-2024-12371)
A device takeover vulnerability exists in the affected product. This vulnerability allows configuration of a new Policyholder user without any authentication via API. Policyholder user is the most privileged user that can perform edit operations, creating admin users and performing factory reset...
CVE-2024-12373 Rockwell Automation PowerMonitor™ 1000 Denial of Service
A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service...
CVE-2024-12373
CVE-2024-12373 affects Rockwell Automation PowerMonitor 1000. The connected materials confirm a denial-of-service vulnerability caused by a buffer overflow in the device, exploitable over the network with no user interaction required. Public sources (ICS advisory ICSA-24-352-03) detail risk: pote...
CVE-2024-12372
CVE-2024-12372 affects Rockwell Automation PowerMonitor 1000. The issue enables denial-of-service and potentially remote code execution via heap memory corruption, exploitable over the network through the device API that allows unauthenticated policy changes (admin creation, factory resets). Seve...
CVE-2024-12372 Rockwell Automation PowerMonitor™ 1000 Denial of Service
A denial-of-service and possible remote code execution vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in corruption of the heap memory which may compromise the integrity of the system, potentially allowing for remote code execution or a...
CVE-2024-12371
CVE-2024-12371 affects Rockwell Automation Power Monitor 1000. Vulnerability: API allows unauthenticated creation of a Policyholder user with high privileges (edit operations, admin creation, factory reset). Reported impact includes device takeover and potential for remote code execution/DoS via ...
PT-2024-10278
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Power Monitor 1000 affected versions not specified Description: A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer overflow, potentially causing...
The vulnerability of the Rockwell Automation PowerMonitor 1000 monitor regarding electrical load distribution, due to deficiencies in user input data validation, allows a intruder to execute arbitrary code.
The vulnerability of the Rockwell Automation PowerMonitor 1000 monitor regarding electrical load distribution is related to deficiencies in the verification of data entered by users. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Rockwell Automation PowerMonitor 1000 Cross Site Scripting Vulnerability
Rockwell Automation PowerMonitor 1000 is a power monitoring device from Rockwell Automation. The Rockwell Automation PowerMonitor 1000 suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of user-supplied data, which can be exploited by an...