|
269021
|
7.5 |
HIGH
Network
|
mqtt-packet_project
|
mqtt-packet
|
MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10523
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269022
|
7.5 |
HIGH
Network
|
jshamcrest_project
|
jshamcrest
|
jshamcrest is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in to the emailAddress validator.
|
CWE-20
Improper Input Validation
|
CVE-2016-10521
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269023
|
7.5 |
HIGH
Network
|
jadedown_project
|
jadedown
|
jadedown is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in.
|
CWE-20
Improper Input Validation
|
CVE-2016-10520
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269024
|
7.5 |
HIGH
Network
|
webtorrent
|
bittorrent-dht
|
A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory.
|
CWE-200
Information Exposure
|
CVE-2016-10519
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269025
|
7.5 |
HIGH
Network
|
ws_project
|
ws
|
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10518
|
2024-11-21 11:44 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269026
|
8.1 |
HIGH
Network
|
mystem-fix_project
|
mystem-fix
|
mystem-fix is a node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem-fix downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cau…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10698
|
2024-11-21 11:44 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269027
|
8.1 |
HIGH
Network
|
massif_project
|
massif
|
massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested reso…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10682
|
2024-11-21 11:44 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269028
|
8.1 |
HIGH
Network
|
robotwebtools
|
roslibjs
|
roslib-socketio - The standard ROS Javascript Library fork for add support to socket.io roslib-socketio downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be pos…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10681
|
2024-11-21 11:44 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269029
|
8.1 |
HIGH
Network
|
adamvr-geoip-lite_project
|
adamvr-geoip-lite
|
adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This …
|
CWE-310
Cryptographic Issues
|
CVE-2016-10680
|
2024-11-21 11:44 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269030
|
8.1 |
HIGH
Network
|
limbus-buildgen_project
|
limbus-buildgen
|
limbus-buildgen is a "build anywhere" build system. limbus-buildgen versions below 0.1.1 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause r…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10674
|
2024-11-21 11:44 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
