Lucene search
+L

1809 matches found

Snyk
Snyk
added 2026/04/07 3:52 p.m.6 views

Exposure of Resource to Wrong Sphere

Overview electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere via the window.open function. An attacker can gain access to or manipulate the browsin...

8.8CVSS5.9AI score0.003EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.12 views

WebSP-Eval: Evaluating Web Agents on Website Security and Privacy Tasks

Web agents automate browser tasks, ranging from simple form completion to complex workflows like ordering groceries. While current benchmarks evaluate general-purpose performancee.g., WebArena or safety against malicious actionse.g., SafeArena, no existing framework assesses an agent's ability to...

6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.13 views

PT-2026-30918

Name of the Vulnerable Software and Affected Versions Electron versions prior to 39.8.5 Electron versions prior to 40.8.5 Electron versions prior to 41.1.0 Electron versions prior to 42.0.0-alpha.5 Description Electron did not correctly scope the named-window lookup to the opener's browsing conte...

6CVSS6.1AI score0.003EPSS
Exploits0References10
Oracle linux
Oracle linux
added 2026/04/07 12:0 a.m.14 views

thunderbird security update

140.9.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.9.0 - Add OpenELA debranding 140.9.0-1 - Update to 140.9.0 ESR...

10CVSS7.2AI score0.00773EPSS
Exploits0
EUVD
EUVD
added 2026/04/05 9:30 p.m.6 views

EUVD-2019-20048

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6CVSS6.7AI score0.00159EPSS
Exploits0References5
NVD
NVD
added 2026/04/05 9:16 p.m.9 views

CVE-2019-25656

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6CVSS0.00159EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/05 9:16 p.m.3 views

CVE-2019-25656

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6CVSS6.5AI score0.00159EPSS
Exploits0References5
OSV
OSV
added 2026/04/05 9:16 p.m.7 views

UBUNTU-CVE-2019-25656

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6CVSS6.6AI score0.00159EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/05 8:45 p.m.3 views

CVE-2019-25656

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6CVSS6.7AI score0.00159EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/05 8:45 p.m.10 views

CVE-2019-25656

CVE-2019-25656 affects R i386 3.5.0. The vulnerability is a local buffer overflow in the GUI Preferences dialog, allowing a local attacker to trigger a structured exception handler (SEH) overwrite by supplying malicious input. An attacker can craft a payload in the 'Language for menus and message...

8.6CVSS6.7AI score0.00159EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/05 8:45 p.m.3 views

CVE-2019-25656 R i386 3.5.0 Local Buffer Overflow SEH

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6CVSS6.7AI score0.00159EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.6 views

PT-2026-30465

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6CVSS6.7AI score0.00159EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.13 views

R 缓冲区错误漏洞

R is a statistical computing software developed by The R Foundation. Version 3.5.0 of R i386 contains a buffer overflow vulnerability. This vulnerability stems from a local buffer overflow in the GUI Preferences dialog box, which may allow local attackers to trigger the structured exception handl...

8.6CVSS6AI score0.00159EPSS
Exploits0References4
NVD
NVD
added 2026/04/04 12:16 a.m.5 views

CVE-2026-34769

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, an undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line. Ap...

8.8CVSS0.00295EPSS
Exploits0References4
OSV
OSV
added 2026/04/03 11:33 p.m.3 views

CVE-2026-34769 Electron: Renderer command-line switch injection via undocumented commandLineSwitches webPreference

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, an undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line. Ap...

7.7CVSS6AI score0.00295EPSS
Exploits0References6
Snyk
Snyk
added 2026/04/03 2:39 a.m.4 views

Hidden Functionality

Overview electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Hidden Functionality via the commandLineSwitches webPreference. An attacker can inject arbitrary command-line switches into...

8.7CVSS6AI score0.00295EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 2:39 a.m.2 views

Hidden Functionality

Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Hidden Functionality via the commandLineSwitches webPreference. An attacker can inject arbitrary command-li...

8.8CVSS6AI score0.00295EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.11 views

PT-2026-29999

Name of the Vulnerable Software and Affected Versions Electron versions prior to 38.8.6, prior to 39.8.0, prior to 40.7.0, and prior to 41.0.0-beta.8. Description An undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line...

8.8CVSS5.9AI score0.00295EPSS
Exploits0References8
Oracle linux
Oracle linux
added 2026/04/01 12:0 a.m.11 views

thunderbird security update

140.9.0-1.0.1 - Add Oracle prefs 140.9.0-1 - Update to 140.9.0 ESR...

10CVSS7.2AI score0.00773EPSS
Exploits0
EUVD
EUVD
added 2026/03/30 12:32 p.m.6 views

EUVD-2018-21720

HeidiSQL 9.5.0.5196 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long file path in the logging preferences. Attackers can input a buffer-overflow payload through the SQL log file path field in Preferences Logging to...

6.9CVSS6AI score0.00206EPSS
Exploits1References5
Rows per page
Query Builder