Lucene search
K

240 matches found

NVD
NVD
added 2018/06/04 4:29 p.m.18 views

CVE-2016-10638

js-given is a JavaScript frontend to jgiven. js-given downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the network o...

9.3CVSS8.3AI score0.01682EPSS
Exploits0References1
Prion
Prion
added 2018/06/04 4:29 p.m.11 views

Remote code execution

jstestdriver is a wrapper for Google's jstestdriver. jstestdriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on t...

9.3CVSS8AI score0.01682EPSS
Exploits0References1
Prion
Prion
added 2018/06/04 4:29 p.m.12 views

Remote code execution

slimerjs-edge is a npm wrapper for installing the bleeding edge version of slimerjs. slimerjs-edge downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controll...

9.3CVSS8AI score0.01752EPSS
Exploits0References1
Prion
Prion
added 2018/06/04 4:29 p.m.12 views

Remote code execution

node-air-sdk is an AIR SDK for nodejs. node-air-sdk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or...

9.3CVSS8.1AI score0.01752EPSS
Exploits0References1
Prion
Prion
added 2018/06/04 4:29 p.m.13 views

Design/Logic Flaw

xd-testing is a testing library for cross-device XD web applications. xd-testing downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the...

9.3CVSS8AI score0.01752EPSS
Exploits0References1
Prion
Prion
added 2018/06/04 4:29 p.m.14 views

Remote code execution

windows-selenium-chromedriver is a module that downloads the Selenium Jar file. windows-selenium-chromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...

9.3CVSS8AI score0.01752EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/06/04 4:29 p.m.9 views

Remote code execution

tomita is a node wrapper for Yandex Tomita Parser tomita downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the netwo...

9.3CVSS8AI score0.01682EPSS
Exploits0References1
Prion
Prion
added 2018/06/04 4:29 p.m.18 views

Remote code execution

pm2-kafka is a PM2 module that installs and runs a kafka server pm2-kafka downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacke...

9.3CVSS8AI score0.01752EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/06/04 4:29 p.m.25 views

CVE-2016-10648

marionette-socket-host is a marionette-js-runner host for sending actions over a socket. marionette-socket-host downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an...

9.3CVSS8.3AI score0.01752EPSS
Exploits0References1
Prion
Prion
added 2018/06/04 4:29 p.m.13 views

Remote code execution

frames-compiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and t...

9.3CVSS8AI score0.02104EPSS
Exploits0References1
Prion
Prion
added 2018/06/04 4:29 p.m.12 views

Remote code execution

fis-sass-all is another libsass wrapper for node. fis-sass-all downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the...

9.3CVSS8AI score0.02104EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/06/04 4:0 p.m.27 views

CVE-2016-10646

resourcehacker is a Node wrapper of Resource Hacker windows executable resource editor. resourcehacker downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...

8.3AI score0.01682EPSS
Exploits0References1
CVE
CVE
added 2018/06/04 4:0 p.m.50 views

CVE-2016-10689

CVE-2016-10689 affects the windows-iedriver module, which downloads the iedriverserver.exe binary over HTTP. This enables a man-in-the-middle attacker on the network path to intercept the response and swap the binary, potentially leading to remote code execution on the host running the driver. Th...

9.3CVSS8.3AI score0.01682EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/06/04 4:0 p.m.22 views

CVE-2016-10643

jstestdriver is a wrapper for Google's jstestdriver. jstestdriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on t...

8.3AI score0.01682EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/06/04 4:0 p.m.22 views

CVE-2016-10664

mystem is a Node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if th...

8.3AI score0.01682EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/06/04 4:0 p.m.21 views

CVE-2016-10638

js-given is a JavaScript frontend to jgiven. js-given downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the network o...

8.3AI score0.01682EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/06/04 4:0 p.m.17 views

CVE-2016-10669

soci downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote...

8.3AI score0.01682EPSS
Exploits0References1
CVE
CVE
added 2018/06/04 4:0 p.m.51 views

CVE-2016-10638

The CVE-2016-10638 issue affects the JavaScript frontend js-given, which downloads binary resources over HTTP. The root cause is insecure (unencrypted) HTTP delivery, enabling a MitM attacker to intercept the response and substitute the requested binary with a malicious one, potentially leading t...

9.3CVSS8.2AI score0.01682EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/06/04 4:0 p.m.15 views

CVE-2016-10647

node-air-sdk is an AIR SDK for nodejs. node-air-sdk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or...

8.4AI score0.01752EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/06/04 4:0 p.m.24 views

CVE-2016-10678

serc.js is a Selenium RC process wrapper serc.js downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or...

8.3AI score0.01682EPSS
Exploits0References1
Rows per page
Query Builder