|
269171
|
7.5 |
HIGH
Network
|
bitcoin
|
bitcoin_core
bitcoin-qt
bitcoind
|
In Bitcoin Core before v0.13.0, a non-final alert is able to block the special "final alert" (which is supposed to override all other alerts) because operations occur in the wrong order. This behavio…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10725
|
2024-11-21 11:44 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269172
|
7.5 |
HIGH
Network
|
bitcoin
|
bitcoin_core
bitcoin-qt
bitcoind
|
Bitcoin Core before v0.13.0 allows denial of service (memory exhaustion) triggered by the remote network alert system (deprecated since Q1 2016) if an attacker can sign a message with a certain priva…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-10724
|
2024-11-21 11:44 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269173
|
8.8 |
HIGH
Network
|
rails_admin_project
|
rails_admin
|
rails_admin ruby gem <v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an attacker could hypothetically gain access…
|
CWE-352
Origin Validation Error
|
CVE-2016-10522
|
2024-11-21 11:44 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269174
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up t…
|
CWE-399
Resource Management Errors
|
CVE-2016-10723
|
2024-11-21 11:44 |
2018-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269175
|
8.1 |
HIGH
Network
|
react-native-baidu-voice-synthesizer_project
|
react-native-baidu-voice-synthesizer
|
react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attac…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10697
|
2024-11-21 11:44 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269176
|
8.1 |
HIGH
Network
|
windows-latestchromedriver_project
|
windows-latestchromedriver
|
windows-latestchromedriver downloads the latest version of chromedriver.exe. windows-latestchromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be pos…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10696
|
2024-11-21 11:44 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269177
|
8.1 |
HIGH
Network
|
mapbox
|
npm-test-sqlite3-trunk
|
The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10695
|
2024-11-21 11:44 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269178
|
8.1 |
HIGH
Network
|
alto-saxophone_project
|
alto-saxophone
|
alto-saxophone is a module to install and launch Chromedriver for Mac, Linux or Windows. alto-saxophone versions below 2.25.1 download binary resources over HTTP, which leaves it vulnerable to MITM a…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10694
|
2024-11-21 11:44 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269179
|
8.1 |
HIGH
Network
|
pm2-kafka_project
|
pm2-kafka
|
pm2-kafka is a PM2 module that installs and runs a kafka server pm2-kafka downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code exe…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10693
|
2024-11-21 11:44 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269180
|
8.1 |
HIGH
Network
|
haxeshim_project
|
haxeshim
|
haxeshim haxe shim to deal with coexisting versions. haxeshim downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swa…
|
CWE-310
Cryptographic Issues
|
CVE-2016-10692
|
2024-11-21 11:44 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
