3270 matches found
CVE-2019-1659 Cisco Prime Infrastructure Certificate Validation Vulnerability
A vulnerability in the Identity Services Engine ISE integration feature of Cisco Prime Infrastructure PI could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack against the Secure Sockets Layer SSL tunnel established between ISE and PI. The vulnerability is due to...
closure-util downloads Resources over HTTP
Affected versions of closure-util insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...
GHSA-2HPJ-G53M-9GJ6 closure-util downloads Resources over HTTP
Affected versions of closure-util insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...
GHSA-4PF7-579W-F4GM dwebp-bin downloads Resources over HTTP
Affected versions of dwebp-bin insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syst...
GHSA-G95J-P8F6-PWH4 headless-browser-lite downloads Resources over HTTP
Affected versions of headless-browser-lite insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution...
GHSA-362X-34H3-H6H6 Downloads Resources over HTTP in box2d-native
Affected versions of box2d-native insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...
GHSA-8P52-7CXV-6C95 Downloads Resources over HTTP in curses
Affected versions of curses insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system...
GHSA-F757-9C4X-CHFF poco downloads Resources over HTTP
Affected versions of poco insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system...
GHSA-722Q-3G9X-VP8Q Downloads Resources over HTTP in tomita-parser
Affected versions of tomita-parser insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...
GHSA-3X83-P476-VV95 Downloads Resources over HTTP in selenium-standalone-painful
Affected versions of selenium-standalone-painful insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...
GHSA-4V2C-G2XC-47FV Downloads Resources over HTTP in massif
Affected versions of massif insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system...
Downloads Resources over HTTP in iedriver
Affected versions of iedriver insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...
GHSA-JFGQ-G48X-JQ83 Downloads Resources over HTTP in iedriver
Affected versions of iedriver insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...
GHSA-4WM5-Q7WV-6JX3 Downloads Resources over HTTP in bkjs-wand
Affected versions of bkjs-wand insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syst...
GHSA-3627-W2QR-5FXR fuseki downloads Resources over HTTP
Affected versions of fuseki insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system...
Downloads Resources over HTTP in cue-sdk-node
Affected versions of cue-sdk-node insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...
Downloads Resources over HTTP in webrtc-native
Affected versions of webrtc-native insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...
robot-js downloads Resources over HTTP
Affected versions of robot-js insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...
GHSA-6V7P-J23V-4XMW robot-js downloads Resources over HTTP
Affected versions of robot-js insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...
selenium-chromedriver Downloads Resources over HTTP
Affected versions of selenium-chromedriver insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution...