Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-0361

Malware in sbrugna...

9.3CVSS8AI score0.01752EPSS
Exploits0References5
OSV
OSV
added 2019/02/18 11:47 p.m.23 views

GHSA-X56R-5R34-QG74 dalek-browser-ie-canary downloads Resources over HTTP

Affected versions of dalek-browser-ie-canary insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code executi...

8.1CVSS8.1AI score0.01752EPSS
Exploits0References3
Veracode
Veracode
added 2018/06/04 8:38 a.m.23 views

Man-in-the-Middle (MitM)

dalek-browser-ie-canary is vulnerable to man-in-the-middle MitM attacks. This is because it downloads binary resources via HTTP, allowing MitM attacks. Also, it may potentially cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker ...

8.1CVSS8.3AI score0.01752EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/06/01 6:29 p.m.29 views

CVE-2016-10612

dalek-browser-ie-canary is Internet Explorer bindings for DalekJS. dalek-browser-ie-canary downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binar...

9.3CVSS8.3AI score0.01752EPSS
Exploits0References1
CVE
CVE
added 2018/06/01 6:0 p.m.76 views

CVE-2016-10612

dalek-browser-ie-canary downloads binary resources over HTTP, enabling MitM and potential remote code execution if an attacker on the network intercepts and replaces the binary. Affected: dalek-browser-ie-canary (Internet Explorer bindings for DalekJS). Root cause: unencrypted HTTP delivery of ex...

9.3CVSS8.2AI score0.01752EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder