41 matches found
CVE-2024-39904
VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...
EUVD-2019-17809
Malware in sbrugna...
EUVD-2024-38293
Malicious code in bioql PyPI...
EUVD-2024-39118
Malicious code in bioql PyPI...
CVE-2024-41662
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
SUSE CVE-2024-41662
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
CVE-2024-41662
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
CVE-2024-41662
CVE-2024-41662 affects the VNote note-taking platform, specifically versions 3.18.1 and prior, where the Markdown rendering component is vulnerable to Cross-Site Scripting (XSS) that can lead to arbitrary JavaScript execution and potential remote code execution. The issue is triggered via Markdow...
CVE-2024-41662 VNote vulnerable to Markdown XSS, which leads to RCE
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
CVE-2024-41662 VNote vulnerable to Markdown XSS, which leads to RCE
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
CVE-2024-41662 VNote vulnerable to Markdown XSS, which leads to RCE
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
PT-2024-29491 · Vnote · Vnote
Name of the Vulnerable Software and Affected Versions: VNote versions 3.18.1 and prior Description: A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of the VNote note-taking application. This issue allows the injection and execution of arbitrary...
VNote 安全漏洞
VNote is an open source cross-platform Markdown note-taking tool from VNote Open Source. A security vulnerability exists in VNote 3.18.1 and earlier versions. An attacker can remotely execute code by exploiting the vulnerability...
SUSE CVE-2024-39904
VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...
CVE-2024-39904
VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...
CVE-2024-39904 Code Execution Vulnerability via Local File Path Traversal in Vnote
VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...
CVE-2024-39904
VNote (note‑taking platform) before version 3.18.1 is affected by a code execution vulnerability that can be triggered via crafted notes containing local file references (for example, file:///C:/WINDOWS/system32/cmd.exe or calc.exe). The underlying issue is a local file path handling/URI embeddin...
CVE-2024-39904 Code Execution Vulnerability via Local File Path Traversal in Vnote
VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...
CVE-2024-39904 Code Execution Vulnerability via Local File Path Traversal in Vnote
VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...
VNote Security Vulnerability
VNote is an open source cross-platform Markdown note-taking tool from VNote Open Source. A security vulnerability exists in VNote versions prior to 3.18.1, which stems from the presence of a code execution vulnerability that could allow an attacker to execute arbitrary programs on the victim's...