Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

663 matches found

Node.js
Node.jsadded 2016/12/02 4:48 a.m.39 views

Downloads Resources over HTTP

Overview Affected versions of massif insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on th...

9.3CVSS5.1AI score0.01682EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 4:47 a.m.38 views

Downloads Resources over HTTP

Overview Affected versions of pk-app-wonderbox insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

9.3CVSS6.2AI score0.01682EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 4:43 a.m.37 views

Downloads Resources over HTTP

Overview Affected versions of fis-sass-all insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution...

9.3CVSS6.2AI score0.02104EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 4:42 a.m.41 views

Downloads Resources over HTTP

Overview Affected versions of arcanist insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...

9.3CVSS5.5AI score0.01682EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 4:36 a.m.38 views

Downloads Resources over HTTP

Overview Affected versions of selenium-standalone-painful insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in...

9.3CVSS6.2AI score0.02021EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 4:35 a.m.47 views

Downloads Resources over HTTP

Overview Affected versions of adamvr-geoip-lite insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This could impact the integrity and availability of the data being used to make geolocation...

6.8CVSS3.6AI score0.00717EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 4:32 a.m.30 views

Downloads Resources over HTTP

Overview Affected versions of cloudpub-redis insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code executi...

9.3CVSS6.2AI score0.01682EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 4:31 a.m.30 views

Downloads Resources over HTTP

Overview Affected versions of windows-seleniumjar-mirror insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in...

9.3CVSS5AI score0.01682EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 4:30 a.m.37 views

Downloads Resources over HTTP

Overview Affected versions of mystem-wrapper insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code executi...

9.3CVSS6.2AI score0.01682EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 4:28 a.m.32 views

Downloads Resources over HTTP

Overview Affected versions of ipip-coffee insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This could impact the integrity and availability of the data being used to make geolocation decision...

6.8CVSS3.6AI score0.00546EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 4:11 a.m.31 views

Downloads Resources over HTTP

Overview Affected versions of serc.js insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on t...

9.3CVSS6.1AI score0.01682EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 1:34 a.m.37 views

Downloads Resources over HTTP

Overview Affected versions of google-closure-tools-latest insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in...

9.3CVSS5.2AI score0.01752EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 1:33 a.m.31 views

Downloads Resources over HTTP

Overview Affected versions of rs-brightcove insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code executio...

9.3CVSS6.2AI score0.01752EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 1:31 a.m.33 views

Downloads Resources over HTTP

Overview Affected versions of libsbml insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on t...

9.3CVSS5AI score0.02021EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 1:27 a.m.43 views

Downloads Resources over HTTP

Overview Affected versions of soci insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...

9.3CVSS5.4AI score0.01682EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 1:22 a.m.39 views

Downloads Resources over HTTP

Overview Affected versions of co-cli-installer insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

9.3CVSS6.2AI score0.01682EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/02 1:3 a.m.37 views

Downloads Resources over HTTP

Overview Affected versions of qbs insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...

9.3CVSS5.6AI score0.01682EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/01 7:33 p.m.40 views

Downloads Resources over HTTP

Overview Affected versions of xd-testing insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution o...

9.3CVSS6.2AI score0.01752EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/01 7:24 p.m.25 views

Downloads Resources over HTTP

Overview Affected versions of marionette-socket-host insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

9.3CVSS5AI score0.01752EPSS
Exploits0Affected Software1
Node.js
Node.jsadded 2016/12/01 7:20 p.m.28 views

Downloads Resources over HTTP

Overview Affected versions of node-air-sdk insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution...

9.3CVSS6.2AI score0.01752EPSS
Exploits0Affected Software1
Rows per page
Query Builder