Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Browse Security Advisories

Moderate Security Advisories for electron in npm Clear Filters

Moderate
27 days ago

Electron has ASAR Integrity Bypass via resource modification GSA_kwCzR0hTQS12bXF2LWh4OHEtajdtZ84ABLov

npm electron
Moderate
3 months ago

Electron vulnerable to Heap Buffer Overflow in NativeImage GSA_kwCzR0hTQS02cjJ4LThwcTgtOTQ4Oc4ABJkx

npm electron
Moderate
almost 2 years ago

ASAR Integrity bypass via filetype confusion in electron GSA_kwCzR0hTQS03bTQ4LXdjOTMtOWc4Nc4AA3e-

npm electron
Moderate
about 2 years ago

Electron vulnerable to out-of-package code execution when launched with arbitrary cwd GSA_kwCzR0hTQS03eDk3LWozNzMtODV4Nc4AA1vg

npm electron
Moderate
about 2 years ago

Electron context isolation bypass via nested unserializable return value GSA_kwCzR0hTQS1wN3YyLXA5bTgtcXFnN84AA1vf

npm electron
Moderate
almost 3 years ago

Exfiltration of hashed SMB credentials on Windows via file:// redirect GSA_kwCzR0hTQS1wMmpoLTQ0cWotcGYyds4AAvz_

npm electron
Moderate
over 3 years ago

AutoUpdater module fails to validate certain nested components of the bundle GSA_kwCzR0hTQS03N3hjLWhqdjgtd3c5N84AArqt

npm electron
Moderate
over 3 years ago

Electron vulnerable to URL spoofing via PDFium GSA_kwCzR0hTQS02aDk4LWNmOWctdm1nMs4AAR20

npm Electron
Moderate
almost 4 years ago

Electron's sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API GSA_kwCzR0hTQS1tcGptLXY5OTctYzRoNM0WiQ

npm electron
Moderate
over 4 years ago

IPC messages delivered to the wrong frame in Electron MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2ZjgtaDJxaC0zN205

npm electron
Moderate
about 5 years ago

Arbitrary file read via window-open IPC in Electron MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5bXEtanBoNi05bWht

npm electron

Filter by Severity

Moderate 10,450 High 8,231 Critical 3,380 Low 1,524

Filter by Ecosystem

maven 3,245 packagist 2,957 pypi 2,032 npm 1,380 go 1,299 nuget 470 rubygems 423 cargo 418 hex 16 swift 11 actions 8 pub 2

Filter by Package

directus 22 tinymce 14 next 12 TinyMCE 11 tinymce/tinymce 11 bootstrap 11 @openzeppelin/contracts-upgradeable 11 @openzeppelin/contracts 11 ckeditor4 11 ghost 11 vite 10 joplin 10 electron 10 angular 9 editor.md 8 parse-server 8 sanitize-html 7 n8n 7 validator 7 nodebb 7 marked 7 nocodb 7 swagger-ui 7 jQuery.UI.Combined 6 vega 6 url-parse 6 bootstrap 6 flowise 6 snyk-broker 6 org.webjars.npm:jquery-ui 6 matrix-js-sdk 6 jquery-ui 6 uptime-kuma 6 urijs 6 undici 6 tarteaucitronjs 5 @evershop/evershop 5 matrix-appservice-irc 5 vditor 5 katex 5 @lobehub/chat 5 trix 4 yui 4 rsshub 4 @directus/api 4 hono 4 glance 4 mermaid 4 serve 4 bootstrap 4 astro 4 jquery 4 bootstrap-sass 4 materialize-css 4 froala-editor 4 vega-functions 4 dompurify 4 matrix-react-sdk 4 @jmondi/url-to-png 3 sequelize 3 docsify 3 express 3 jQuery 3 follow-redirects 3 dojo 3 jose-node-cjs-runtime 3 xlsx 3 mattermost-desktop 3 systeminformation 3 m-server 3 jose-node-esm-runtime 3 @materializecss/materialize 3 @saltcorn/server 3 yapi-vendor 3 parse-url 3 public 3 @intlify/vue-i18n-core 3 moodle/moodle 3 jquery-ui-rails 3 strapi 3 vue-i18n 3 mysql 3 layui 3 twbs/bootstrap 3 petite-vue-i18n 3 apollo-server-core 3 hapi 3 valine 3 postcss 3 org.webjars:bootstrap 3 statics-server 3 next-auth 3 jose 3 renovate 3 @backstage/techdocs-common 3 bootstrap-sass 3 rendertron 2 jodit 2 node-forge 2 forms 2 @openc3/tool-common 2 @fedify/fedify 2 notevil 2 tough-cookie 2 wrangler 2 serialize-javascript 2 lodash-rails 2 summernote 2 mxgraph 2 http-file-server 2 quill 2 payload 2 jsonwebtoken 2 saml2-js 2 querymen 2 @directus/storage-driver-s3 2 parse 2 harp 2 pug-code-gen 2 express-xss-sanitizer 2 webpack-dev-server 2 @astrojs/node 2 connect 2 bootbox 2 request 2 openc3 2 simditor 2 express-gateway 2 simple-markdown 2 erxes 2 @strapi/utils 2 nodemailer 2 jellyfin-web 2 simplehttpserver 2 bl 2 karma 2 @auth0/nextjs-auth0 2 Umbraco.Cms.StaticAssets 2 @intlify/core 2 pnpm 2 google-closure-library 2 mcp-markdownify-server 2 @escape.tech/graphql-armor-max-depth 2 aws-cdk-lib 2 @strapi/strapi 2 nunjucks 2 @strapi/plugin-content-manager 2 @vrite/sdk 2 mongo-express 2 axios 2 aws-cdk 2 apollo-server 2 sockjs 2 lodash-es 2 jsrsasign 2 @finastra/nestjs-proxy 2 mysql2 2 converse.js 2 stimulsoft-dashboards-js 2 html-janitor 2 gitbook 2 jszip 2 matrix-appservice-bridge 2 fastify 2 reveal.js 2 handlebars 2 @excalidraw/excalidraw 2 @builder.io/qwik 2 fast-jwt 2 http-proxy-middleware 2 org.webjars.npm:jquery 2 jose-browser-runtime 2 bootstrap.sass 2 jsoneditor 2 @payloadcms/graphql 2 node-red-dashboard 2 @strapi/admin 2 engine.io 2 openmct 2 jspdf 2 auth0-lock 2 svelte 2 status-board 2 psitransfer 2 @intlify/core-base 2 node-sass 2 lodash 2 i18next 2 @payloadcms/next 2 @ckeditor/ckeditor5-markdown-gfm 2 openpgp 2 keycloak-connect 2 nanoid 2 ggit 2 @adobe/css-tools 2 element-plus 2 xmldom 2 keystone 2 jquery-rails 2 apostrophe 2

Filter by Repository

https://github.com/electron/electron 11