537 matches found
CVE-2018-1000118
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to hav...
Heap overflow
NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution...
CVE-2018-1000118
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to hav...
CVE-2018-1000118
Technical details for CVE-2018-1000118 are not publicly available in the provided documents. Monitor for updates.
CVE-2018-1000116
NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution...
CVE-2018-1000118
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to hav...
Exodus Wallet (ElectronJS Framework) remote Code Execution
This module exploits a Remote Code Execution vulnerability in Exodus Wallet, a vulnerability in the ElectronJS Framework protocol handler can be used to get arbitrary command execution if the user clicks on a specially crafted URL. This module requires Metasploit: https://metasploit.com/download...
chromium-browser: insufficient escaping with external url handlers
Insufficient data validation in External Protocol Handler in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially execute arbitrary programs on user machine via a crafted HTML page...
CVE-2018-6043
Insufficient data validation in External Protocol Handler in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially execute arbitrary programs on user machine via a crafted HTML page...
Electron Protocol Handler Remote Code Execution (CVE-2018-1000006)
A remote code execution vulnerability exists within Electron Protocol Handler. This is due to the way Electron registers Windows applications as the default handler for a protocol. A successful attack could lead to a remote code execution on the effected system...
GitHub Electron Arbitrary Command Execution Vulnerability
GitHub Electron is an application development framework from the American company GitHub. The framework supports writing cross-platform desktop applications using JavaScript, HTML and CSS. A security vulnerability exists in the protocol handler in GitHub Electron versions 1.8.2-beta.3 and earlier...
CVE-2018-1000006
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user click...
CVE-2018-1000006
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user click...
Design/Logic Flaw
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user click...
CVE-2018-1000006
The CVE-2018-1000006 entry concerns GitHub Electron. Affected Electron versions include 1.8.2-beta.3 and earlier, 1.7.10 and earlier, and 1.6.15 and earlier. The vulnerability lies in the protocol handler: Electron apps on Windows (10/7/2008) that register custom protocol handlers can be tricked ...
CVE-2018-1000006
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user click...
Skype, Slack and Other Popular Windows Apps Vulnerable to Critical Framework Bug
UPDATE Hundreds of software applications built using the developer framework called Electron may be vulnerable to a remote code execution flaw, according to developers of the framework. Impacted are dozens of popular Windows applications such as Microsoft’s Skype for Windows and Slack. Earlier th...
Remote Code Execution
Overview Affected versions of electron may be susceptible to a remote code execution flaw when certain conditions are met: 1. The electron application is running on Windows. 2. The electron application registers as the default handler for a protocol, such as nodeapp://. This vulnerability is caus...
Remote Code Execution in electron
Affected versions of electron may be susceptible to a remote code execution flaw when certain conditions are met: 1. The electron application is running on Windows. 2. The electron application registers as the default handler for a protocol, such as nodeapp://. This vulnerability is caused by a...
PT-2018-9198 · Microsoft +2 · Windows 2008 +4
Name of the Vulnerable Software and Affected Versions: GitHub Electron versions 1.8.2-beta.3 and earlier GitHub Electron versions 1.7.10 and earlier GitHub Electron versions 1.6.15 and earlier Description: The issue is related to a vulnerability in the protocol handler of Electron apps running on...