SUSE CVE-2024-39904

VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...

CVE-2024-39904 Code Execution Vulnerability via Local File Path Traversal in Vnote

VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...

PT-2024-28722 · Vnote · Vnote

Name of the Vulnerable Software and Affected Versions: VNote versions prior to 3.18.1 Description: A code execution issue existed in VNote, allowing an attacker to execute arbitrary programs on the victim's system. This could be achieved by using a crafted URI in a note, such as...

PT-2024-21369 · Enpass · Enpass Password Manager Desktop Client

Name of the Vulnerable Software and Affected Versions: Enpass Password Manager Desktop Client version 6.9.2 Description: The issue allows attackers to run arbitrary HTML code via the creation of a crafted note, potentially leading to HTML injection. This can occur in the Enpass Password Manager...

Typora 0.9.9.24.6 - Directory Traversal

Exploit Title: Code execution via path traversal Date: 17-05-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: http://typora.io Software Link: https://typora.io/download/Typora.dmg Version: 0.9.9.24.6 Tested on: macOS Mojave v10.14.4 CVE: CVE-2019-12137 References:...