1 results (0.005 seconds)
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2CVE-2023-31874 – Yank Note v3.52.1 (Electron) - Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2023-31874
24 May 2023 — Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process'). Yank Note (YN) 3.52.1 permite la ejecución de código arbitrario cuando se abre un archivo manipulado, por ejemplo: "via nodeRequire('child_process')". Yank Note version 3.52.1 suffers from an arbitrary code execution vulnerability. • https://packetstorm.news/files/id/172535 • CWE-732: Incorrect Permission Assignment for Critical Resource •