Vulnerabilities > Atom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-24 | CVE-2018-1000006 | OS Command Injection vulnerability in Atom Electron 0.33.4/1.8.2 GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. | 8.8 |
| 2018-01-02 | CVE-2017-1000424 | Unspecified vulnerability in Atom Electron Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vulnerable to a URL Spoofing problem when opening PDFs in PDFium resulting loading arbitrary PDFs that a hacker can control. network atom | 4.3 |
| 2016-04-25 | CVE-2016-1202 | Remote Code Execution vulnerability in Atom Electron 0.33.4 Untrusted search path vulnerability in Atom Electron before 0.33.5 allows local users to gain privileges via a Trojan horse Node.js module in a parent directory of a directory named on a require line. | 7.2 |
| 2007-06-08 | CVE-2007-3135 | Input Validation vulnerability in Atom PhotoBlog AtomPhotoBlog.PHP Cross-site scripting (XSS) vulnerability in atomPhotoBlog.php in Atom Photoblog 1.0.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter. network atom | 4.3 |
| 2007-06-08 | CVE-2007-3134 | Cross-Site Scripting vulnerability in Photoblog Multiple cross-site scripting (XSS) vulnerabilities in atomPhotoBlog.php in Atom PhotoBlog 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Your Name, (2) Your Homepage, and (3) Your Comment fields, when using "Approve Comments." network atom | 4.3 |