6 matches found
EUVD-2022-29531
Malicious code in bioql PyPI...
EUVD-2022-7131
Malicious code in bioql PyPI...
CVE-2023-27390
A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...
CVE-2023-2317
DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading typora://app/typemark/updater/update.html in tag. This vulnerability can be exploited if a user opens a...
CVE-2022-24656
HexoEditor 1.1.8 is affected by Cross Site Scripting (XSS). A common XSS payload placed in a markdown file will execute several times if the file is opened with the app...
PT-2022-25313 · Gridea · Gridea
Name of the Vulnerable Software and Affected Versions: Gridea version 0.9.3
Description: The issue allows an external attacker to execute arbitrary code remotely on any client attempting to view a malicious markdown file through Gridea. This is possible because the application has the...