Lucene search
K

5 matches found

CNVD
CNVD
added 2018/06/15 12:0 a.m.3 views

react-native-baidu-voice-synthesizer code execution vulnerability

react-native-baidu-voice-synthesizer is a speech synthesizer for use in Node.js. A security vulnerability exists in react-native-baidu-voice-synthesizer, which originates when the program downloads a binary file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerabilit...

9.3CVSS8.1AI score0.01752EPSS
Exploits0References1
OSV
OSV
added 2018/06/04 7:29 p.m.18 views

CVE-2016-10697

react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources...

8.1CVSS8.6AI score
Exploits0References1
NVD
NVD
added 2018/06/04 7:29 p.m.16 views

CVE-2016-10697

react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources...

9.3CVSS8.3AI score0.01752EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/06/04 7:0 p.m.22 views

CVE-2016-10697

react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources...

8.3AI score0.01752EPSS
Exploits0References1
CVE
CVE
added 2018/06/04 7:0 p.m.44 views

CVE-2016-10697

The vulnerability CVE-2016-10697 affects react-native-baidu-voice-synthesizer, which downloads resources over HTTP. The underlying issue is unencrypted network requests, enabling MITM interception and potential remote code execution by substituting resources with attacker-controlled copies. Multi...

9.3CVSS8.2AI score0.01752EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder