Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-04 CVE-2016-10641 Cryptographic Issues vulnerability in Node-Bsdiff-Android Project Node-Bsdiff-Android
node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
network
high complexity
node-bsdiff-android-project CWE-310
8.1
2018-06-04 CVE-2016-10640 Cryptographic Issues vulnerability in Geohey Node-Thulac
node-thulac is a node binding for thulac.
network
high complexity
geohey CWE-310
8.1
2018-06-04 CVE-2016-10639 Cryptographic Issues vulnerability in Redis-Srvr Project Redis-Srvr
redis-srvr is a npm wrapper for redis-server.
network
high complexity
redis-srvr-project CWE-310
8.1
2018-06-04 CVE-2016-10638 Cryptographic Issues vulnerability in Js-Given Project Js-Given
js-given is a JavaScript frontend to jgiven.
network
high complexity
js-given-project CWE-310
8.1
2018-06-04 CVE-2016-10637 Cryptographic Issues vulnerability in Haxe Haxe-Dev
haxe-dev is a cross-platform toolkit.
network
high complexity
haxe CWE-310
8.1
2018-06-04 CVE-2016-10636 Cryptographic Issues vulnerability in Grunt-Ccompiler Project Grunt-Ccompiler
grunt-ccompiler is a Closure Compiler Grunt Plugin.
network
high complexity
grunt-ccompiler-project CWE-310
8.1
2018-06-04 CVE-2018-11712 Improper Certificate Validation vulnerability in Webkitgtk Webkitgtk+ 2.20.0/2.20.1
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections.
network
low complexity
webkitgtk CWE-295
7.5
2018-06-04 CVE-2018-10615 Path Traversal vulnerability in GE MDS Pulsenet
Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform.
network
low complexity
ge CWE-22
8.1
2018-06-04 CVE-2018-10613 XXE vulnerability in GE MDS Pulsenet
Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior.
network
low complexity
ge CWE-611
7.5
2018-06-04 CVE-2018-11710 Out-of-bounds Write vulnerability in Openmpt Libopenmpt
soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation.
network
low complexity
openmpt CWE-787
8.8