
7 matches found

CVE
added 2026/04/03 11:46 p.m., 4 views

CVE-2026-34770

CVE-2026-34770 concerns Electron apps using the powerMonitor module. The issue is a use-after-free: after the native PowerMonitor object is garbage-collected, OS-level resources (a Windows message window; a macOS shutdown handler) may still reference freed memory. A subsequent session-change even...

CVSS 8.8, AI score 5.8, EPSS 0.00014
Exploits 0, References 1, Affected Software 1
OSV
added 2026/04/03 2:39 a.m., 1 views

GHSA-JJP3-MQ3X-295M Electron: Use-after-free in PowerMonitor on Windows and macOS

Impact: Apps that use the powerMonitor module may be vulnerable to a use-after-free. After the native PowerMonitor object is garbage-collected, the associated OS-level resources (a message window on Windows, a shutdown handler on macOS) retain dangling references. A subsequent session-change event...

CVSS 7, AI score 5.9, EPSS 0.00014
Exploits 0, References 3
Snyk
added 2026/04/03 2:39 a.m., 2 views

Use After Free

Overview: org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Use After Free in the powerMonitor function. An attacker can cause memory corruption or application crashes...

CVSS 8.8, AI score 5.8, EPSS 0.00014
Exploits 0, References 2
Positive Technologies
added 2026/04/03 12:0 a.m., 2 views

PT-2026-30000

Impact: Apps that use the powerMonitor module may be vulnerable to a use-after-free. After the native PowerMonitor object is garbage-collected, the associated OS-level resources (a message window on Windows, a shutdown handler on macOS) retain dangling references. A subsequent session-change event...

CVSS 7, AI score 5.9, EPSS 0.00014
Exploits 0, References 5
RedHat Linux
added 2024/09/09 4:5 p.m., 6 views

wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters

A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authenticati...

CVSS 7.1, AI score 5.8, EPSS 0.02246
Exploits 0, References 5
OSV
added 2011/07/14 11:55 p.m., 1 views

DEBIAN-CVE-2011-2507

libraries/serversynchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e (aka PREG_REPLACE_EVAL) modifier, and consequently execute arbitrary...

CVSS 6.5, AI score 6.9, EPSS 0.03737
Exploits 5, References 1
NVD
added 2009/12/31 7:30 p.m., 9 views

CVE-2009-4527

The Shibboleth authentication module 5.x before 5.x-3.4 and 6.x before 6.x-3.2, a module for Drupal, does not properly remove statically granted privileges after a logout or other session change, which allows physically proximate attackers to gain privileges by using an unattended web browser...

CVSS 4.6, AI score 7, EPSS 0.00105
Exploits 0, References 5