CVE-2024-41481

Typora before 1.9.3 Markdown editor has a cross-site scripting XSS vulnerability via the Mermaid component...

CVE-2019-20374

A mutation cross-site scripting XSS issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81 on Linux leads to Remote Code Execution through Mermaid code blocks. To exploit this vulnerability, one must open a file in Typora. The XSS vulnerability is then triggered due to improper HTML...

CVE-2019-7295

typora through 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula...

CVE-2019-12172

Typora 0.9.9.21.1 1913 allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137...

CVE-2019-12137

Typora 0.9.9.24.6 on macOS allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note...

CVE-2024-14010

Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution...

EUVD-2024-55353

Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution...

CVE-2024-14010

Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution...

CVE-2024-14010 Typora 1.7.4 OS Command Injection via Export PDF Preferences

Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution...

CVE-2024-14010

Typora 1.7.4 is affected by a command injection vulnerability in the PDF export preferences. The flaw allows an attacker to inject arbitrary commands via the run command input field during PDF export, enabling remote code execution. Affected component: Typora PDF export settings. Root cause: unva...

CVE-2024-14010 Typora 1.7.4 OS Command Injection via Export PDF Preferences

Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input field during PDF export to achieve remote code execution...

Typora 操作系统命令注入漏洞

Typora is a Typora open source editor. An operating system command injection vulnerability exists in Typora version 1.7.4, which stems from a command injection in the PDF export preferences that could lead to the execution of arbitrary system commands...

PT-2025-50970

Name of the Vulnerable Software and Affected Versions Typora version 1.7.4 Description The software contains a command injection issue in the PDF export preferences. This allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the 'run command' input...

EUVD-2019-3788

Malware in sbrugna...

EUVD-2019-16839

Malware in sbrugna...

EUVD-2019-3821

Malware in sbrugna...

EUVD-2019-16358

Malware in sbrugna...

EUVD-2020-10665

Malware in sbrugna...

EUVD-2020-10654

Malware in sbrugna...

EUVD-2020-10148

Malware in sbrugna...