← Back

Atom

atom

5 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Electron
electron
3 CVEs
Photoblog
photoblog
2 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-1000006
1Atom
1Electron
Nov 21, 2024
Jan 24, 2018
N/A· v4
8.8 HIGH· v3
9.3 HIGH· v2
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom prot...Show more
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16.Show less
CVE-2017-1000424
1Atom
1Electron
Nov 21, 2024
Jan 2, 2018
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vulnerable to a URL Spoofing problem when opening PDFs in PDFium resulting loading arbitrary PDFs that a hacker can control.
CVE-2016-1202
1Atom
1Electron
May 6, 2026
Apr 25, 2016
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
Untrusted search path vulnerability in Atom Electron before 0.33.5 allows local users to gain privileges via a Trojan horse Node.js module in a parent directory of a directory named on a require line.
CVE-2007-3135
1Atom
1Photoblog
Apr 23, 2026
Jun 8, 2007
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in atomPhotoBlog.php in Atom Photoblog 1.0.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter.
CVE-2007-3134
1Atom
1Photoblog
Apr 23, 2026
Jun 8, 2007
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in atomPhotoBlog.php in Atom PhotoBlog 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Your Name, (2) Your Homepage, and (3)...Show more
Multiple cross-site scripting (XSS) vulnerabilities in atomPhotoBlog.php in Atom PhotoBlog 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Your Name, (2) Your Homepage, and (3) Your Comment fields, when using "Approve Comments."Show less