Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Browse Security Advisories

Moderate Security Advisories for electron in npm Clear Filters

Moderate
30 days ago

Electron vulnerable to Heap Buffer Overflow in NativeImage GSA_kwCzR0hTQS02cjJ4LThwcTgtOTQ4Oc4ABJkx

npm electron
Moderate
over 1 year ago

ASAR Integrity bypass via filetype confusion in electron GSA_kwCzR0hTQS03bTQ4LXdjOTMtOWc4Nc4AA3e-

npm electron
Moderate
almost 2 years ago

Electron vulnerable to out-of-package code execution when launched with arbitrary cwd GSA_kwCzR0hTQS03eDk3LWozNzMtODV4Nc4AA1vg

npm electron
Moderate
almost 2 years ago

Electron context isolation bypass via nested unserializable return value GSA_kwCzR0hTQS1wN3YyLXA5bTgtcXFnN84AA1vf

npm electron
Moderate
over 2 years ago

Exfiltration of hashed SMB credentials on Windows via file:// redirect GSA_kwCzR0hTQS1wMmpoLTQ0cWotcGYyds4AAvz_

npm electron
Moderate
about 3 years ago

AutoUpdater module fails to validate certain nested components of the bundle GSA_kwCzR0hTQS03N3hjLWhqdjgtd3c5N84AArqt

npm electron
Moderate
about 3 years ago

Electron vulnerable to URL spoofing via PDFium GSA_kwCzR0hTQS02aDk4LWNmOWctdm1nMs4AAR20

npm Electron
Moderate
almost 4 years ago

Electron's sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API GSA_kwCzR0hTQS1tcGptLXY5OTctYzRoNM0WiQ

npm electron
Moderate
over 4 years ago

IPC messages delivered to the wrong frame in Electron MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2ZjgtaDJxaC0zN205

npm electron
Moderate
about 5 years ago

Arbitrary file read via window-open IPC in Electron MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5bXEtanBoNi05bWht

npm electron

Filter by Severity

Moderate 10,069 High 8,040 Critical 3,304 Low 1,444

Filter by Ecosystem

maven 3,135 packagist 3,007 pypi 2,022 npm 1,354 go 1,273 nuget 659 rubygems 437 cargo 411 hex 16 swift 13 actions 7 pub 3

Filter by Package

directus 23 tinymce 14 tinymce/tinymce 11 bootstrap 11 TinyMCE 11 @openzeppelin/contracts 11 ckeditor4 11 @openzeppelin/contracts-upgradeable 11 vite 10 joplin 10 ghost 10 bootstrap 9 twbs/bootstrap 9 org.webjars:bootstrap 9 electron 9 angular 9 bootstrap 9 next 9 swagger-ui 9 parse-server 8 editor.md 8 nocodb 7 nodebb 7 bootstrap-sass 7 org.webjars.npm:jquery 7 validator 7 org.webjars.npm:jquery-ui 7 marked 7 uptime-kuma 7 jquery-rails 7 jquery-ui-rails 7 jquery-ui 7 jquery 7 bootstrap-sass 7 bootstrap.sass 7 jQuery.UI.Combined 7 vega 6 snyk-broker 6 urijs 6 undici 6 jQuery 6 flowise 6 sanitize-html 6 url-parse 6 froala-editor 5 @evershop/evershop 5 n8n 5 matrix-js-sdk 5 tarteaucitronjs 5 katex 5 vditor 5 matrix-appservice-irc 5 matrix-react-sdk 4 serve 4 @directus/api 4 dompurify 4 materialize-css 4 glance 4 vega-functions 4 rsshub 4 trix 4 yui 4 hono 3 follow-redirects 3 jose-node-cjs-runtime 3 apollo-server-core 3 jose-node-esm-runtime 3 @saltcorn/server 3 @materializecss/materialize 3 @ckeditor/ckeditor5-markdown-gfm 3 yapi-vendor 3 xlsx 3 systeminformation 3 mattermost-desktop 3 m-server 3 @jmondi/url-to-png 3 parse-url 3 valine 3 jose 3 express 3 public 3 @intlify/vue-i18n-core 3 @backstage/techdocs-common 3 @lobehub/chat 3 strapi 3 mysql 3 layui 3 moodle/moodle 3 org.webjars.npm:xlsx 3 django-tinymce 3 sequelize 3 next-auth 3 petite-vue-i18n 3 hapi 3 lodash 3 vue-i18n 3 postcss 3 renovate 3 statics-server 3 dojo 3 docsify 3 gitbook 2 jodit 2 auth0-lock 2 @cloudflare/workers-oauth-provider 2 fast-jwt 2 @umbraco-cms/backoffice 2 jszip 2 @builder.io/qwik 2 apollo-server 2 wrangler 2 serialize-javascript 2 json-pointer 2 jspdf 2 bootbox 2 sockjs 2 typo3/cms 2 prismjs 2 rendertron 2 axios 2 saml2-js 2 @braintree/sanitize-url 2 forms 2 mxgraph 2 lodash-es 2 maximebf/debugbar 2 http-file-server 2 @adobe/css-tools 2 node-sass 2 summernote 2 harp 2 ejs 2 @haxtheweb/haxcms-nodejs 2 webpack-dev-server 2 http-proxy-middleware 2 pug-code-gen 2 pug 2 @directus/app 2 simple-markdown 2 nodemailer 2 mapbox.js 2 tough-cookie 2 @fedify/fedify 2 jsonwebtoken 2 @strapi/utils 2 keystone 2 connect 2 status-board 2 notevil 2 node-red-dashboard 2 astro 2 simditor 2 handlebars 2 socket.io 2 xmldom 2 mongo-express 2 components/jquery 2 ckeditor/ckeditor 2 mcp-markdownify-server 2 froala/wysiwyg-editor 2 karma 2 @intlify/core 2 @auth0/nextjs-auth0 2 @finastra/nestjs-proxy 2 mysql2 2 i18next 2 drupal/core 2 @intlify/core-base 2 engine.io 2 Umbraco.Cms.StaticAssets 2 drupal/drupal 2 jsrsasign 2 jsoneditor 2 aws-cdk 2 reveal.js 2 @strapi/plugin-content-manager 2 stimulsoft-dashboards-js 2 @directus/storage-driver-s3 2 jellyfin-web 2 psitransfer 2 google-closure-library 2 @openc3/tool-common 2 matrix-appservice-bridge 2 nunjucks 2 pnpm 2 openmct 2 converse.js 2 highlight.js 2 bl 2 openc3 2 jose-browser-runtime 2 swagger-ui-dist 2 @strapi/strapi 2 uap-core 2 erxes 2 querymen 2 svelte 2 fastify 2 keycloak-connect 2 openpgp 2

Filter by Repository

https://github.com/electron/electron 10