Total
2471 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10698 | 1 Mystem-fix Project | 1 Mystem-fix | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| mystem-fix is a node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem-fix downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10697 | 1 React-native-baidu-voice-synthesizer Project | 1 React-native-baidu-voice-synthesizer | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10696 | 1 Windows-latestchromedriver Project | 1 Windows-latestchromedriver | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| windows-latestchromedriver downloads the latest version of chromedriver.exe. windows-latestchromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10695 | 1 Mapbox | 1 Npm-test-sqlite3-trunk | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10694 | 1 Alto-saxophone Project | 1 Alto-saxophone | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| alto-saxophone is a module to install and launch Chromedriver for Mac, Linux or Windows. alto-saxophone versions below 2.25.1 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10693 | 1 Pm2-kafka Project | 1 Pm2-kafka | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| pm2-kafka is a PM2 module that installs and runs a kafka server pm2-kafka downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10692 | 1 Haxeshim Project | 1 Haxeshim | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| haxeshim haxe shim to deal with coexisting versions. haxeshim downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10691 | 1 Windows-seleniumjar Project | 1 Windows-seleniumjar | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| windows-seleniumjar is a module that downloads the Selenium Jar file windows-seleniumjar downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10690 | 1 Openframe-ascii-image Project | 1 Openframe-ascii-image | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| openframe-ascii-image module is an openframe plugin which adds support for ascii images via fim. openframe-ascii-image downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10689 | 1 Windows-iedriver Project | 1 Windows-iedriver | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| The windows-iedriver module downloads fixed version of iedriverserver.exe windows-iedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10688 | 1 Haxe | 1 Haxe | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| Haxe 3 : The Cross-Platform Toolkit (a fork from David Mouton's damoebius/haxe-npm) haxe3 downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10687 | 1 Windows-selenium-chromedriver Project | 1 Windows-selenium-chromedriver | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| windows-selenium-chromedriver is a module that downloads the Selenium Jar file. windows-selenium-chromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10686 | 1 Fis-sass-all Project | 1 Fis-sass-all | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| fis-sass-all is another libsass wrapper for node. fis-sass-all downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10685 | 1 Pk-app-wonderbox Project | 1 Pk-app-wonderbox | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| pk-app-wonderbox is an integration with wonderbox pk-app-wonderbox downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10684 | 1 Healthcenter Project | 1 Healthcenter | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| healthcenter - IBM Monitoring and Diagnostic Tools health Center agent healthcenter downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10683 | 1 Hujiang | 1 Arcanist | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| arcanist downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10682 | 1 Massif Project | 1 Massif | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10681 | 1 Robotwebtools | 1 Roslibjs | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| roslib-socketio - The standard ROS Javascript Library fork for add support to socket.io roslib-socketio downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||
| CVE-2016-10680 | 1 Adamvr-geoip-lite Project | 1 Adamvr-geoip-lite | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity and availability of this geoip data that may alter the decisions made by an application using this data. | |||||
| CVE-2016-10679 | 1 Selenium-standalone-painful Project | 1 Selenium-standalone-painful | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| selenium-standalone-painful installs a start-selenium command line to start a standalone selenium server with chrome-driver. selenium-standalone-painful downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | |||||