Total
2463 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-10617 | 1 Box2d-native Project | 1 Box2d-native | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
box2d-native downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10624 | 1 Selenium-chromedriver Project | 1 Selenium-chromedriver | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
selenium-chromedriver is a simple utility for downloading the Selenium Webdriver for Google Chrome selenium-chromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10622 | 1 Nodeschnaps Project | 1 Nodeschnaps | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
nodeschnaps is a NodeJS compatibility layer for Java (Rhino). nodeschnaps downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10594 | 1 Ipip Project | 1 Ipip | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
ipip is a Node.js module to query geolocation information for an IP or domain, based on database by ipip.net. ipip downloads data resources over HTTP, which leaves it vulnerable to MITM attacks. | |||||
CVE-2016-10631 | 1 Jvminstall Project | 1 Jvminstall | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
jvminstall is a module for downloading and unpacking jvm to local system. jvminstall downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10628 | 1 Selenium-wrapper Project | 1 Selenium-wrapper | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
selenium-wrapper is a selenium server wrapper, including installation and chrome webdriver. selenium-wrapper downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10587 | 1 Wasdk Project | 1 Wasdk | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
wasdk is a toolkit for creating WebAssembly modules. wasdk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10643 | 1 Jstestdriver Project | 1 Jstestdriver | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
jstestdriver is a wrapper for Google's jstestdriver. jstestdriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10662 | 1 Tomita Project | 1 Tomita | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
tomita is a node wrapper for Yandex Tomita Parser tomita downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10623 | 1 Macaca-chromedriver-zxa Project | 1 Macaca-chromedriver-zxa | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
macaca-chromedriver-zxa is a Node.js wrapper for the selenium chromedriver. macaca-chromedriver-zxa downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10601 | 1 Uxebu | 1 Webdrvr | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
webdrvr is a npm wrapper for Selenium Webdriver including Chromedriver / IEDriver / IOSDriver / Ghostdriver. webdrvr downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10683 | 1 Hujiang | 1 Arcanist | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
arcanist downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10621 | 1 Fibjs Project | 1 Fibjs | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
fibjs is a runtime for javascript applictions built on google v8 JS. fibjs downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10648 | 1 Marionette-socket-host Project | 1 Marionette-socket-host | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
marionette-socket-host is a marionette-js-runner host for sending actions over a socket. marionette-socket-host downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10679 | 1 Selenium-standalone-painful Project | 1 Selenium-standalone-painful | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
selenium-standalone-painful installs a start-selenium command line to start a standalone selenium server with chrome-driver. selenium-standalone-painful downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10595 | 1 Jdf-sass Project | 1 Jdf-sass | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
jdf-sass is a fork from node-sass, jdf use only. jdf-sass downloads executable resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested file with an attacker controlled file if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10571 | 1 Bkjs-wand Project | 1 Bkjs-wand | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
bkjs-wand is imagemagick wand support for node.js and backendjs bkjs-wand versions lower than 0.3.2 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10698 | 1 Mystem-fix Project | 1 Mystem-fix | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
mystem-fix is a node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem-fix downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10692 | 1 Haxeshim Project | 1 Haxeshim | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
haxeshim haxe shim to deal with coexisting versions. haxeshim downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
CVE-2016-10612 | 1 Dalekjs | 1 Dalekjs | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
dalek-browser-ie-canary is Internet Explorer bindings for DalekJS. dalek-browser-ie-canary downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. |