Weaknesses of type CWE-311
301 resultsCVE-2016-10666—tomita-parser is a Node wrapper for Yandex Tomita Parser tomita-parser downloads binary resources over HTTP, which leaves it vulnerable to MEPSS 1.7%CVE-2016-10635—broccoli-closure is a Closure compiler plugin for Broccoli. broccoli-closure before 1.3.1 downloads binary resources over HTTP, which leavesEPSS 1.7%CVE-2016-10599—sauce-connect is a Node.js wrapper over the SauceLabs SauceConnect.jar program for establishing a secure tunnel for intranet testing. sauce-EPSS 1.7%CVE-2016-10567—product-monitor is a HTML/JavaScript template for monitoring a product by encouraging product developers to gather all the information aboutEPSS 1.7%CVE-2016-10576—Fuseki server wrapper and management API in fuseki before 1.0.1 downloads binary resources over HTTP, which leaves it vulnerable to MITM attEPSS 1.7%CVE-2016-10660—fis-parser-sass-bin a plugin for fis to compile sass using node-sass-binaries. fis-parser-sass-bin downloads binary resources over HTTP, whiEPSS 1.7%CVE-2016-10620—atom-node-module-installer installs node modules for atom-shell applications. atom-node-module-installer binary resources over HTTP, which lEPSS 1.7%CVE-2016-10685—pk-app-wonderbox is an integration with wonderbox pk-app-wonderbox downloads binary resources over HTTP, which leaves it vulnerable to MITM EPSS 1.7%CVE-2016-10643—jstestdriver is a wrapper for Google's jstestdriver. jstestdriver downloads binary resources over HTTP, which leaves it vulnerable to MITM aEPSS 1.7%CVE-2016-10651—webdriver-launcher is a Node.js Selenium Webdriver Launcher. webdriver-launcher downloads binary resources over HTTP, which leaves it vulnerEPSS 1.7%CVE-2016-10562—iedriver is an NPM wrapper for Selenium IEDriver. iedriver versions below 3.0.0 download binary resources over HTTP, which leaves the moduleEPSS 1.7%CVE-2016-10696—windows-latestchromedriver downloads the latest version of chromedriver.exe. windows-latestchromedriver downloads binary resources over HTTPEPSS 1.7%CVE-2016-10670—windows-seleniumjar-mirror downloads the Selenium Jar file windows-seleniumjar-mirror downloads binary resources over HTTP, which leaves it EPSS 1.7%CVE-2016-10678—serc.js is a Selenium RC process wrapper serc.js downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may beEPSS 1.7%CVE-2016-10566—install-nw is a module which quickly and robustly installs and caches NW.js. install-nw versions below 1.1.5 download binary resources over EPSS 1.7%CVE-2016-10669—soci downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCEPSS 1.7%CVE-2016-10607—openframe-glsviewer is a Openframe extension which adds support for shaders via glslViewer. openframe-glsviewer downloads binary resources oEPSS 1.7%CVE-2016-10595—jdf-sass is a fork from node-sass, jdf use only. jdf-sass downloads executable resources over HTTP, which leaves it vulnerable to MITM attacEPSS 1.6%CVE-2016-10608—robot-js is a module for native system automation for node.js. robot-js downloads binary resources over HTTP, which leaves it vulnerable to EPSS 1.6%CVE-2016-10577—ibm_db is an asynchronous/synchronous interface for node.js to IBM DB2 and IBM Informix. ibm_db before 1.0.2 downloads binary resources overEPSS 1.5%