|
267431
|
7.5 |
HIGH
Network
|
riot.js
|
riot-compiler
|
The riot-compiler version version 2.3.21 has an issue in a regex (Catastrophic Backtracking) thats make it unusable under certain conditions.
|
CWE-399
Resource Management Errors
|
CVE-2016-10527
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267432
|
8.6 |
HIGH
Network
|
grunt-gh-pages_project
|
grunt-gh-pages
|
A common setup to deploy to gh-pages on every commit via a CI system is to expose a github token to ENV and to use it directly in the auth part of the url. In module versions < 0.9.1 the auth portion…
|
CWE-255
CWE-532
Credentials Management
Inclusion of Sensitive Information in Log Files
|
CVE-2016-10526
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267433
|
8.2 |
HIGH
Network
|
i18n-node-angular_project
|
i18n-node-angular
|
i18n-node-angular is a module used to interact between i18n and angular without using additional resources. A REST API endpoint that is used for development in i18n-node-angular before 1.4.0 was not …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-10524
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267434
|
7.5 |
HIGH
Network
|
mqtt-packet_project
|
mqtt-packet
|
MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10523
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267435
|
7.5 |
HIGH
Network
|
jshamcrest_project
|
jshamcrest
|
jshamcrest is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in to the emailAddress validator.
|
CWE-20
Improper Input Validation
|
CVE-2016-10521
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267436
|
7.5 |
HIGH
Network
|
jadedown_project
|
jadedown
|
jadedown is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in.
|
CWE-20
Improper Input Validation
|
CVE-2016-10520
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267437
|
7.5 |
HIGH
Network
|
webtorrent
|
bittorrent-dht
|
A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory.
|
CWE-200
Information Exposure
|
CVE-2016-10519
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267438
|
7.5 |
HIGH
Network
|
ws_project
|
ws
|
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10518
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267439
|
8.1 |
HIGH
Network
|
mystem-fix_project
|
mystem-fix
|
mystem-fix is a node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem-fix downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cau…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10698
|
2024-11-21 11:44 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267440
|
8.1 |
HIGH
Network
|
massif_project
|
massif
|
massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested reso…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10682
|
2024-11-21 11:44 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
