Lucene search
K

4 matches found

NVD
NVD
added 2026/04/04 12:16 a.m.2 views

CVE-2026-34777

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, when an iframe requests fullscreen, pointerLock, keyboardLock, openExternal, or media permissions, the origin passed to...

5.4CVSS0.00122EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/03 11:57 p.m.2 views

CVE-2026-34777

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, when an iframe requests fullscreen, pointerLock, keyboardLock, openExternal, or media permissions, the origin passed to...

5.4CVSS5.8AI score0.00122EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/03/09 7:55 p.m.5 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via improper sanitization in the cleanUpString function. An attacker can execute arbitrary commands on the server by injecting specially crafted Liquidsoap string interpolation sequences into user-controllable...

8.7CVSS6.1AI score
Exploits0References2
OSV
OSV
added 2025/05/07 5:6 p.m.6 views

DRUPAL-CONTRIB-2025-048

This module extends the core Media module and allows site creators to permit oEmbed providers in addition to YouTube and Vimeo, which are deemed trustworthy by the Drupal Security Team. The module doesn't sufficiently mark its administrative permission as restricted, creating the possibility for...

6.1CVSS6AI score0.00195EPSS
Exploits0References1
Rows per page
Query Builder