Fedora 27 : nodejs-base64-url (2018-6f962c5533)

Security fix for https://snyk.io/vuln/npm:base64url:20180511 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing addition...

Fedora Update for nodejs-base64-url FEDORA-2018-b64b73ae61

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for nodejs-base64-url FEDORA-2018-6f962c5533

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 27 Update: nodejs-base64-url-2.2.0-1.fc27

Base64 encode, decode, escape and unescape for URL applications...

[SECURITY] Fedora 28 Update: nodejs-mixin-deep-1.3.1-1.fc28

Deeply mix the properties of objects into the first object. Like merge-deep, but doesn't clone...

CVE-2016-10578

unicode loads unicode data downloaded from unicode.org into nodejs. Unicode before 9.0.0 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks...

CVE-2016-10593

ibapi is an Interactive Brokers API addon for NodeJS. ibapi downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. Before 2.5.6, it may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker...

CVE-2016-10578

unicode loads unicode data downloaded from unicode.org into nodejs. Unicode before 9.0.0 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks...

Remote code execution

ibapi is an Interactive Brokers API addon for NodeJS. ibapi downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. Before 2.5.6, it may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker...

Sql injection

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS In Postgres, SQLite, and Microsoft SQL Server there is an issue where arrays are treated as strings and improperly escaped. This...

CVE-2016-10556

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS In Postgres, SQLite, and Microsoft SQL Server there is an issue where arrays are treated as strings and improperly escaped. This...

Code injection

unicode loads unicode data downloaded from unicode.org into nodejs. Unicode before 9.0.0 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks...

CVE-2016-10593

Issue : ibapi (NodeJS addon) downloads binary resources over HTTP, enabling MITM-based code execution. Root cause : unencrypted binary fetch allows an attacker on the network path to swap binaries. Impact : remote code execution in affected environments prior to version 2.5.6 (as stated in CVE-20...

CVE-2016-10578

unicode loads unicode data downloaded from unicode.org into nodejs. Unicode before 9.0.0 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks...

CVE-2016-10578

CVE-2016-10578 concerns the unicode package used with Node.js. It states that unicode loads data from unicode.org and, prior to version 9.0.0, downloads binary resources over HTTP, enabling a network attacker to modify or read resources (MitM). According to connected advisories, this can lead to ...

CVE-2016-10593

ibapi is an Interactive Brokers API addon for NodeJS. ibapi downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. Before 2.5.6, it may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker...

CVE-2016-10556

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS In Postgres, SQLite, and Microsoft SQL Server there is an issue where arrays are treated as strings and improperly escaped. This...

Fedora Update for nodejs-deep-extend FEDORA-2018-636f73964f

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 28 Update: nodejs-deep-extend-0.5.1-1.fc28

Recursive object extending...

The Empire Multiuser GUI: Empire GUI

The Empire Multiuser GUI is a graphical interface to the Empire post-exploitation Framework. It was written in Electron and utilizes websockets SocketIO on the backend to support multiuser interaction. The main goal of this project is to enable red teams, or any other color team, to work together...