Total
446 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10665 | 1 Herbivore Project | 1 Herbivore | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| herbivore is a packet sniffing and crafting library. Built on libtins herbivore 0.0.3 and below download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10664 | 1 Mystem Project | 1 Mystem | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| mystem is a Node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10662 | 1 Tomita Project | 1 Tomita | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| tomita is a node wrapper for Yandex Tomita Parser tomita downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10661 | 1 Phantomjs-cheniu Project | 1 Phantomjs-cheniu | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| phantomjs-cheniu is a Headless WebKit with JS API phantomjs-cheniu downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10660 | 1 Fis-parser-sass-bin Project | 1 Fis-parser-sass-bin | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| fis-parser-sass-bin a plugin for fis to compile sass using node-sass-binaries. fis-parser-sass-bin downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10659 | 1 Macchina | 1 Poco | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| poco - The POCO libraries, downloads source file resources used for compilation over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10657 | 1 Co-cli-installer Project | 1 Co-cli-installer | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| co-cli-installer downloads the co-cli module as part of the install process, but does so over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10656 | 1 Qbs Project | 1 Qbs | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| qbs is a build tool that helps simplify the build process for developing projects across multiple platforms. qbs downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10655 | 1 Clang-extra Project | 1 Clang-extra | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| The clang-extra module installs LLVM's clang-extra tools. clang-extra downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10654 | 1 Sfml Project | 1 Sfml | 2019-10-09 | 6.8 MEDIUM | 8.1 HIGH |
| sfml downloads resources over HTTP, which leaves it vulnerable to MITM attacks. | |||||
| CVE-2016-10653 | 1 Xd-testing Project | 1 Xd-testing | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| xd-testing is a testing library for cross-device (XD) web applications. xd-testing downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10652 | 1 Prebuild-lwip Project | 1 Prebuild-lwip | 2019-10-09 | 6.8 MEDIUM | 8.1 HIGH |
| prebuild-lwip is a module for comprehensive, fast, and simple image processing and manipulation. prebuild-lwip downloads resources over HTTP, which leaves it vulnerable to MITM attacks. | |||||
| CVE-2016-10651 | 1 Webdriver-launcher Project | 1 Webdriver-launcher | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| webdriver-launcher is a Node.js Selenium Webdriver Launcher. webdriver-launcher downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10650 | 1 Shutterstock | 1 Ntfserver | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10649 | 1 Frames-compiler Project | 1 Frames-compiler | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| frames-compiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10648 | 1 Marionette-socket-host Project | 1 Marionette-socket-host | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| marionette-socket-host is a marionette-js-runner host for sending actions over a socket. marionette-socket-host downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10647 | 1 Node-air-sdk Project | 1 Node-air-sdk | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| node-air-sdk is an AIR SDK for nodejs. node-air-sdk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10646 | 1 Resourcehacker Project | 1 Resourcehacker | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| resourcehacker is a Node wrapper of Resource Hacker (windows executable resource editor). resourcehacker downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10645 | 1 Grunt-images Project | 1 Grunt-images | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| grunt-images is a grunt plugin for processing images. grunt-images downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10644 | 1 Slimerjs-edge Project | 1 Slimerjs-edge | 2019-10-09 | 9.3 HIGH | 8.1 HIGH |
| slimerjs-edge is a npm wrapper for installing the bleeding edge version of slimerjs. slimerjs-edge downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||