New vulnerabilities from the NVD: CVE-2016-7076 | | sudo before version 1.8.18p1 is vulnerable to a bypass of the sudo noexec restriction if an application run via sudo executes the wordexp() C library function with a user-supplied argument. A local user permitted to run such an application via sudo with the noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges. Published at: May 29, 2018 at 04:29PM View on website May 29, 2018 at 06:37PM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10591 | | Prince is a Node API for executing XML/HTML to PDF renderer PrinceXML via prince(1) CLI. prince downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested tarball with an attacker controlled tarball if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10590 | | cue-sdk-node is a Corsair Cue SDK wrapper for node.js. cue-sdk-node downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested zip file with an attacker controlled zip file if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10589 | | selenium-binaries downloads Selenium related binaries for your OS. selenium-binaries downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10586 | | macaca-chromedriver is a Node.js wrapper for the selenium chromedriver. macaca-chromedriver before 1.0.29 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10584 | | dalek-browser-chrome-canary provides Google Chrome bindings for DalekJS. dalek-browser-chrome-canary downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10578 | | unicode loads unicode data downloaded from unicode.org into nodejs. Unicode before 9.0.0 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10577 | | ibm_db is an asynchronous/synchronous interface for node.js to IBM DB2 and IBM Informix. ibm_db before 1.0.2 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10573 | | baryton-saxophone is a module to install and launch Selenium Server for Mac, Linux and Windows. baryton-saxophone versions below 3.0.1 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10570 | | pngcrush-installer is an installer for Pngcrush. pngcrush-installer versions below 1.8.10 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10568 | | geoip-lite-country is a stripped down version of geoip-lite, supporting only country lookup. geoip-lite-country before 1.1.4 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10567 | | product-monitor is a HTML/JavaScript template for monitoring a product by encouraging product developers to gather all the information about the status of a product, including live monitoring, statistics, endpoints, and test results into one place. product-monitor versions below 2.2.5 download JavaScript resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested JavaScript file with an attacker controlled JavaScript file if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10566 | | install-nw is a module which quickly and robustly installs and caches NW.js. install-nw versions below 1.1.5 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10559 | | selenium-download downloads the latest versions of the selenium standalone server and the chromedriver. selenium-download before 2.0.7 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10558 | | aerospike is an Aerospike add-on module for Node.js. aerospike versions below 2.4.2 download binary resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10556 | | sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. In Postgres, SQLite, and Microsoft SQL Server there is an issue where arrays are treated as strings and improperly escaped. This causes potential SQL injection in sequelize 3.19.3 and earlier, where a malicious user could put `["test", "'); DELETE TestTable WHERE Id = 1 --')"]` inside of `database.query('SELECT * FROM TestTable WHERE Name IN (:names)', { replacements: { names: directCopyOfUserInput } });` and cause the SQL statement to become `SELECT Id FROM Table WHERE Name IN ('test', '\'); DELETE TestTable WHERE Id = 1 --')`. In Postgres, MSSQL, and SQLite, the backslash has no special meaning. This causes the statement to delete whichever Id has a value of 1 in the TestTable table. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10551 | | waterline-sequel is a module that helps generate SQL statements for Waterline apps Any user input that goes into Waterline's `like`, `contains`, `startsWith`, or `endsWith` will end up in waterline-sequel with the potential for malicious code. A malicious user can input their own SQL statements in waterline-sequel 0.50 that will get executed and have full access to the database. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10525 | | When attempting to allow authentication mode `try` in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9244 | | Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with `mysql.escape()` which could lead to SQL Injection. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9243 | | When server level, connection level or route level CORS configurations in hapi node module before 11.1.4 are combined, a higher level config that included security restrictions (like origin) would have those restrictions overridden by less restrictive defaults (e.g. origin defaults to all origins `*`). Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9242 | | Certain input strings when passed to new Date() or Date.parse() in ecstatic node module before 1.4.0 will cause v8 to raise an exception. This leads to a crash and denial of service in ecstatic when this input is passed into the server via the If-Modified-Since header. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9241 | | Certain input passed into the If-Modified-Since or Last-Modified headers will cause an 'illegal access' exception to be raised. Instead of sending a HTTP 500 error back to the sender, hapi node module before 11.1.3 will continue to hold the socket open until timed out (default node timeout is 2 minutes). Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9240 | | Due to a bug in the default sign in functionality in the keystone node module before 0.3.16, incomplete email addresses could be matched. A correct password is still required to complete sign in. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9235 | | In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family of algorithms) is expected but the attacker instead sends a token digitally signed with a symmetric algorithm (HS* family). Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2014-10068 | | The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when `showHidden` is false. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2014-10067 | | paypal-ipn before 3.0.0 uses the `test_ipn` parameter (which is set by the PayPal IPN simulator) to determine if it should use the production PayPal site or the sandbox. With a bit of time, an attacker could craft a request using the simulator that would fool any application which does not explicitly check for test_ipn in production. Published at: May 29, 2018 at 11:29PM View on website May 30, 2018 at 02:37AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-7610 | | Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF token. Published at: May 31, 2018 at 12:29AM View on website May 31, 2018 at 02:05AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10533 | | express-restify-mongoose is a module to easily create a flexible REST interface for mongoose models. express-restify-mongoose 2.4.2 and earlier and 3.0.X through 3.0.1 allows a malicious user to send a request for `GET /User?distinct=password` and get all the passwords for all the users in the database, despite the field being set to private. This can be used for other private data if the malicious user knew what was set as private for specific routes. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10532 | | console-io is a module that allows users to implement a web console in their application. A malicious user could bypass the authentication and execute any command that the user who is running the console-io application 2.2.13 and earlier is able to run. This means that if console-io was running from root, the attacker would have full access to the system. This vulnerability exists because the console-io application does not configure socket.io to require authentication, which allows a malicious user to connect via a websocket to send commands and receive the response. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10531 | | marked is an application that is meant to parse and compile markdown. Due to the way that marked 0.3.5 and earlier parses input, specifically HTML entities, it's possible to bypass marked's content injection protection (`sanitize: true`) to inject a `javascript:` URL. This flaw exists because `&#xNNanything;` gets parsed to what it could and leaves the rest behind, resulting in just `anything;` being left. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10530 | | The airbrake module 0.3.8 and earlier defaults to sending environment variables over HTTP. Environment variables can often times contain secret keys and other sensitive values. A malicious user could be on the same network as a regular user and intercept all the secret keys the user is sending. This goes against common best practice, which is to use HTTPS. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10529 | | Droppy versions <3.5.0 do not perform any verification for cross-domain websocket requests. An attacker is able to make a specially crafted page that can send requests in the context of the currently logged in user. For example, this means the malicious user could add a new admin account under his control and delete others. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10528 | | restafary is a REpresentful State Transfer API for Creating, Reading, Using, Deleting files on a server from the web. Restafary before 1.6.1 is able to set up a root path, which should only allow it to run inside of that root path it specified. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10527 | | riot-compiler version 2.3.21 has an issue in a regex (catastrophic backtracking) that makes it unusable under certain conditions. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10526 | | A common setup to deploy to gh-pages on every commit via a CI system is to expose a github token to ENV and to use it directly in the auth part of the url. In module versions < 0.9.1 the auth portion of the url is outputted as part of the grunt tasks logging function. If this output is publicly available then the credentials should be considered compromised. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10524 | | i18n-node-angular is a module used to interact between i18n and angular without using additional resources. A REST API endpoint that is used for development in i18n-node-angular before 1.4.0 was not disabled in production environments; a malicious user could fill up the server, causing a Denial of Service or content injection. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10523 | | MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10521 | | jshamcrest is vulnerable to regular expression denial of service (ReDoS) when certain types of user input are passed in to the emailAddress validator. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10520 | | jadedown is vulnerable to regular expression denial of service (ReDoS) when certain types of user input are passed in. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10519 | | A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-10518 | | A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but internally ws always transforms all data that we need to send to a Buffer instance and that is where the vulnerability existed. ws didn't do any checks for the type of data it was sending. With buffers in node, when you allocate one with a number instead of a string, it will allocate that number of bytes. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9239 | | ansi2html is vulnerable to regular expression denial of service (ReDoS) when certain types of user input are passed in. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9238 | | secure-compare 3.0.0 and below do not actually compare two strings properly. compare was actually comparing the first argument with itself, meaning the check passed for any two strings of the same length. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2015-9236 | | Hapi versions less than 11.0.0 implement CORS incorrectly and allowed for configurations that at best returned inconsistent headers and at worst allowed cross-origin activities that were expected to be forbidden. If the connection has CORS enabled but one route has it off, and the route is not GET, the OPTIONS prefetch request will return the default CORS headers and then the actual request will go through and return no CORS headers. This defeats the purpose of turning CORS on the route. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2014-10066 | | Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2014-10065 | | Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme, allowing javascript: URLs to be injected into the rendered content. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2014-10064 | | The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of time. An attacker could leverage this to cause a temporary denial-of-service condition, for example, in a web application, other requests would not be processed while this blocking is occurring. Published at: May 31, 2018 at 11:29PM View on website June 01, 2018 at 02:07AM via National Vulnerability Database |
New vulnerabilities from the NVD: CVE-2016-1000338 | | |