21 matches found
EUVD-2019-0326
Malware in sbrugna...
EUVD-2024-0797
Malicious code in bioql PyPI...
CVE-2024-29900
Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...
GHSA-34H3-8MW4-QW57 @electron/packager's build process memory potentially leaked into final executable
Impact: A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This memory could contain sensitive information such as environment variables, secrets files, etc. Patches: This issue is patched in 18.3.1. Workarounds: No...
CVE-2024-29900
Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...
CVE-2024-29900 @electron/packager's build process memory potentially leaked into final executable
Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...
CVE-2024-29900 @electron/packager's build process memory potentially leaked into final executable
Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...
CVE-2024-29900 @electron/packager's build process memory potentially leaked into final executable
Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...
CVE-2024-29900
The CVE-2024-29900 entry concerns the Electron Packager project. Affected component: the bundling/packaging process used to create distributable Electron apps, specifically within @electron/packager. Root cause: a memory leak where a random segment of ~1–10 kB of Node.js heap memory allocated on ...
PT-2024-23121 · Unknown · Electron Packager
Name of the Vulnerable Software and Affected Versions: Electron Packager versions prior to 18.3.1 Description: A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This memory could contain sensitive information such a...
Electron Packager Security Vulnerability
Electron is a JavaScript framework, from an individual developer, for writing cross-platform desktop applications. The framework is based on Node.js and Chromium and enables the writing of cross-platform desktop applications using HTML and CSS. A security vulnerability exists in Electron Packager versio...
SSL Validation Defaults to False in electron-packager
Affected versions of electron-packager configure the generated application to disable SSL certificate verification by default. This could allow an attacker with a privileged network position to launch a Man-in-the-Middle (MITM) attack on the install process, intercepting the step where...
GHSA-Q43M-FFWR-RPCC SSL Validation Defaults to False in electron-packager
Affected versions of electron-packager configure the generated application to disable SSL certificate verification by default. This could allow an attacker with a privileged network position to launch a Man-in-the-Middle (MITM) attack on the install process, intercepting the step where...
Memoro - A Detailed Heap Profiler
Memoro is a highly detailed heap profiler. Memoro not only shows you where and when your program makes heap allocations, but will show you how your program actually used that memory. Memoro collects detailed information on accesses to the heap, including reads and writes to memory and when they...
electron-packager Man-in-the-Middle Attack Vulnerability
electron-packager is a tool for packaging applications into executables based on different platforms. A security vulnerability exists in electron-packager versions 5.2.1 through 6.0.0 and 6.0.0 through 6.0.2, which stems from the '--strict-ssl' command line option being set by default to 'false'...
CVE-2016-10534
electron-packager is a command line tool that packages Electron source code into .app and .exe packages, along with Electron. The --strict-ssl command line option in electron-packager >= 5.2.1 <= 6.0.0 || >= 6.0.0 <= 6.0.2 defaults to false if not explicitly set to true. This could allow an attacker to perform a...
CVE-2016-10534
electron-packager is a command line tool that packages Electron source code into .app and .exe packages, along with Electron. The --strict-ssl command line option in electron-packager >= 5.2.1 <= 6.0.0 || >= 6.0.0 <= 6.0.2 defaults to false if not explicitly set to true. This could allow an attacker to perform a...
Command injection
electron-packager is a command line tool that packages Electron source code into .app and .exe packages, along with Electron. The --strict-ssl command line option in electron-packager >= 5.2.1 <= 6.0.0 || >= 6.0.0 <= 6.0.2 defaults to false if not explicitly set to true. This could allow an attacker to perform a...
CVE-2016-10534
electron-packager is a command line tool that packages Electron source code into .app and .exe packages, along with Electron. The --strict-ssl command line option in electron-packager >= 5.2.1 <= 6.0.0 || >= 6.0.0 <= 6.0.2 defaults to false if not explicitly set to true. This could allow an attacker to perform a...
CVE-2016-10534
CVE-2016-10534 affects electron-packager where the --strict-ssl option is defaulted to false in versions 5.2.1–6.0.0 and 6.0.0–6.0.2 unless explicitly set to true. This enables potential MITM attacks during Electron downloads for supported targets. Connected advisories corroborate the MITM risk a...