CVE-2020-4075

In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open. As a workaround, ensure you are calling event.preventDefault on all new-window events where the url or options is not...

Arbitrary file read via window-open IPC in Electron

Impact The vulnerability allows arbitrary local file read by defining unsafe window options on a child window opened via window.open. Workarounds Ensure you are calling event.preventDefault on all new-window events where the url or options is not something you expect. Fixed Versions 9.0.0-beta.21...

CVE-2019-7613

Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log entry could prevent Winlogbeat from recording the event...

Design/Logic Flaw

Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log entry could prevent Winlogbeat from recording the event...