Lucene search
K

5 matches found

Check Point Advisories
Check Point Advisories
added 2018/05/15 12:0 a.m.46 views

Electron NodeIntegration Remote Code Execution (CVE-2018-1000136)

A remote code execution vulnerability exists in Electron. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.7AI score0.04778EPSS
Exploits1
The Hacker News
The Hacker News
added 2018/05/14 9:46 a.m.94 views

Simple bug could lead to RCE flaw on apps built with Electron Framework

A critical remote code execution vulnerability has been discovered in the popular Electron web application framework that could allow attackers to execute malicious code on victims' computers. Electron is an open source app development framework that powers thousands of widely-used desktop...

8.1CVSS1.3AI score0.04778EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2018/03/26 4:41 p.m.3 views

@quarks/bpmn-extension (=1.0.0), @quarks/contract-extension (>=1.0.0 <=1.0.6) +45 more potentially affected by CVE-2018-1000136 via electron (>=1.7.0 <=1.7.12)

electron NPM version =1.7.0, =1.0.0, =1.0.1, =0.4.0-next.0b426d22, =0.3.3, =0.4.0-next.0cc6469e, =0.4.0-next.0b426d22, =0.3.3, =0.4.0-next.0b426d22, =0.4.0-next.0b426d22, =0.4.0-next.0b426d22, =0.4.0-next.0b426d22, =0.4.0-next.0b426d22, =0.4.0-next.0b426d22, =0.4.0-next.0cc6469e,...

8.1CVSS7.5AI score0.04778EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2018/03/26 4:41 p.m.5 views

@felixrieseberg/electron-prebuilt-compile (>=2.0.0-beta.1 <=2.0.0-beta.4), electron-prebuilt-compile (>=2.0.0-beta.1 <=2.0.0-beta.4) potentially affected by CVE-2018-1000136 via electron (>=2.0.0-beta.1 <=2.0.0-beta.4)

electron NPM version =2.0.0-beta.1, =2.0.0-beta.1, =2.0.0-beta.1, =2.0.0-beta.4 Source cves: CVE-2018-1000136 Source advisory: OSV:GHSA-8XWG-WV7V-4VQP...

8.1CVSS7.4AI score0.04778EPSS
Exploits1
CVE
CVE
added 2018/03/23 7:0 p.m.84 views

CVE-2018-1000136

CVE-2018-1000136 concerns the Electron framework where Webviews mishandle values, enabling potential remote code execution. Affected are Electron versions: 1.7.x up to 1.7.12, 1.8.x up to 1.8.3, and 2.0.0 up to 2.0.0-beta.3. The issue appears when an application allows execution of third‑party co...

8.1CVSS8.4AI score0.04778EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder