Vulnerabilities > Electronjs > Electron > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-01 CVE-2023-44402 Unspecified vulnerability in Electronjs Electron
Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS.
local
high complexity
electronjs
7.0
7.0
2023-09-06 CVE-2023-29198 Improper Check for Unusual or Exceptional Conditions vulnerability in Electronjs Electron
Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS.
network
high complexity
electronjs CWE-754
8.5
8.5
2022-06-13 CVE-2022-29257 Unspecified vulnerability in Electronjs Electron
Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS.
network
low complexity
electronjs
7.2
7.2
2021-10-12 CVE-2021-39184 Missing Authorization vulnerability in Electronjs Electron
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS.
network
low complexity
electronjs CWE-862
8.6
8.6
2020-10-06 CVE-2020-15174 Unspecified vulnerability in Electronjs Electron
In Electron before versions 11.0.0-beta.1, 10.0.1, 9.3.0 or 8.5.1 the `will-navigate` event that apps use to prevent navigations to unexpected destinations as per our security recommendations can be bypassed when a sub-frame performs a top-frame navigation across sites.
network
high complexity
electronjs
7.5
7.5
2020-07-07 CVE-2020-4075 Files or Directories Accessible to External Parties vulnerability in Electronjs Electron
In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open.
network
low complexity
electronjs CWE-552
7.5
7.5
2018-08-23 CVE-2018-15685 Insecure Default Initialization of Resource vulnerability in Electronjs Electron
GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain scenarios involving IFRAME elements and "nativeWindowOpen: true" or "sandbox: true" options, is affected by a WebPreferences vulnerability that can be leveraged to perform remote code execution.
network
high complexity
electronjs CWE-1188
8.1
8.1
2018-03-23 CVE-2018-1000136 Improper Input Validation vulnerability in Electronjs Electron
Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0.0-beta.3 contains an improper handling of values vulnerability in Webviews that can result in remote code execution.
network
high complexity
electronjs CWE-20
8.1
8.1
2018-03-07 CVE-2018-1000118 OS Command Injection vulnerability in Electronjs Electron
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute.
network
low complexity
electronjs CWE-78
8.8
8.8