6 matches found
EUVD-2019-0336
Malware in sbrugna...
EUVD-2019-0245
Malware in sbrugna...
EUVD-2019-0208
Malware in sbrugna...
CVE-2016-10639
redis-srvr is a npm wrapper for redis-server. redis-srvr downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the networ...
CVE-2016-10694
alto-saxophone is a module to install and launch Chromedriver for Mac, Linux or Windows. alto-saxophone versions below 2.25.1 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary...
CVE-2016-10640
node-thulac, a Node binding for thulac, downloads binary resources over HTTP, making it vulnerable to MITM attacks. The available sources (NVD/NPM advisory/GHSA/OSV) describe potential remote code execution if an attacker on the network swaps the requested binary with a malicious one. Affected ve...