CWE-310
271 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-310page 3 of 6
- CVE-2016-10623HIGHCVSS 8.1EG 8.12018-06-01
macaca-chromedriver-zxa is a Node.js wrapper for the selenium chromedriver. macaca-chromedriver-zxa downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) b…
- CVE-2016-10624HIGHCVSS 8.1EG 8.12018-06-01
selenium-chromedriver is a simple utility for downloading the Selenium Webdriver for Google Chrome selenium-chromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote c…
- CVE-2016-10625HIGHCVSS 8.1EG 8.12018-06-01
headless-browser-lite is a minimal npm installer for phantomjs and slimerjs with no external dependencies. headless-browser-lite downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause …
- CVE-2016-10626HIGHCVSS 8.1EG 8.12018-06-01
mystem3 is a NodeJS wrapper for the Yandex MyStem 3. mystem3 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary wit…
- CVE-2016-10627HIGHCVSS 8.1EG 8.12018-05-29
scala-bin is a binary wrapper for Scala. scala-bin downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attac…
- CVE-2016-10628HIGHCVSS 8.1EG 8.12018-06-01
selenium-wrapper is a selenium server wrapper, including installation and chrome webdriver. selenium-wrapper downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code executio…
- CVE-2016-10629HIGHCVSS 8.1EG 8.12018-06-01
nw-with-arm is a NW Installer including ARM-Build. nw-with-arm downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary w…
- CVE-2016-10630MEDIUMCVSS 5.9EG 5.92018-06-01
install-g-test downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
- CVE-2016-10631HIGHCVSS 8.1EG 8.12018-06-01
jvminstall is a module for downloading and unpacking jvm to local system. jvminstall downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out …
- CVE-2016-10632HIGHCVSS 8.1EG 8.12018-06-01
apk-parser2 is a module which extracts Android Manifest info from an APK file. apk-parser2 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swappin…
- CVE-2016-10633HIGHCVSS 8.1EG 8.12018-06-01
dwebp-bin is a dwebp node.js wrapper that convert WebP into PNG. dwebp-bin downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the reques…
- CVE-2016-10634HIGHCVSS 8.1EG 8.12018-06-01
scala-standalone-bin is a Binary wrapper for ScalaJS. scala-standalone-bin downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the reques…
- CVE-2016-10635HIGHCVSS 8.1EG 8.12018-05-29
broccoli-closure is a Closure compiler plugin for Broccoli. broccoli-closure before 1.3.1 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping…
- CVE-2016-10636HIGHCVSS 8.1EG 8.12018-06-04
grunt-ccompiler is a Closure Compiler Grunt Plugin. grunt-ccompiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested bin…
- CVE-2016-10637HIGHCVSS 8.1EG 8.12018-06-04
haxe-dev is a cross-platform toolkit. haxe-dev downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker …
- CVE-2016-10638HIGHCVSS 8.1EG 8.12018-06-04
js-given is a JavaScript frontend to jgiven. js-given downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an at…
- CVE-2016-10639HIGHCVSS 8.1EG 8.12018-06-04
redis-srvr is a npm wrapper for redis-server. redis-srvr downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an…
- CVE-2016-10640HIGHCVSS 8.1EG 8.12018-06-04
node-thulac is a node binding for thulac. node-thulac downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an at…
- CVE-2016-10641HIGHCVSS 8.1EG 8.12018-06-04
node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
- CVE-2016-10642HIGHCVSS 8.1EG 8.12018-06-04
cmake installs the cmake x86 linux binaries. cmake downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attac…
- CVE-2016-10643HIGHCVSS 8.1EG 8.12018-06-04
jstestdriver is a wrapper for Google's jstestdriver. jstestdriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binar…
- CVE-2016-10644HIGHCVSS 8.1EG 8.12018-06-04
slimerjs-edge is a npm wrapper for installing the bleeding edge version of slimerjs. slimerjs-edge downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by…
- CVE-2016-10645HIGHCVSS 8.1EG 8.12018-06-04
grunt-images is a grunt plugin for processing images. grunt-images downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested bina…
- CVE-2016-10646HIGHCVSS 8.1EG 8.12018-06-04
resourcehacker is a Node wrapper of Resource Hacker (windows executable resource editor). resourcehacker downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (R…
- CVE-2016-10647HIGHCVSS 8.1EG 8.12018-06-04
node-air-sdk is an AIR SDK for nodejs. node-air-sdk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an atta…
- CVE-2016-10648HIGHCVSS 8.1EG 8.12018-06-04
marionette-socket-host is a marionette-js-runner host for sending actions over a socket. marionette-socket-host downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execu…
- CVE-2016-10649HIGHCVSS 8.1EG 8.12018-06-04
frames-compiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attack…
- CVE-2016-10650HIGHCVSS 8.1EG 8.12018-05-29
ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with …
- CVE-2016-10651HIGHCVSS 8.1EG 8.12018-06-04
webdriver-launcher is a Node.js Selenium Webdriver Launcher. webdriver-launcher downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the r…
- CVE-2016-10652HIGHCVSS 8.1EG 8.12018-06-04
prebuild-lwip is a module for comprehensive, fast, and simple image processing and manipulation. prebuild-lwip downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
- CVE-2016-10653HIGHCVSS 8.1EG 8.12018-06-04
xd-testing is a testing library for cross-device (XD) web applications. xd-testing downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out th…
- CVE-2016-10654HIGHCVSS 8.1EG 8.12018-06-04
sfml downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
- CVE-2016-10655HIGHCVSS 8.1EG 8.12018-06-04
The clang-extra module installs LLVM's clang-extra tools. clang-extra downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested r…
- CVE-2016-10656HIGHCVSS 8.1EG 8.12018-06-04
qbs is a build tool that helps simplify the build process for developing projects across multiple platforms. qbs downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code exec…
- CVE-2016-10657HIGHCVSS 8.1EG 8.12018-06-04
co-cli-installer downloads the co-cli module as part of the install process, but does so over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources…
- CVE-2016-10658HIGHCVSS 8.1EG 8.12018-05-29
native-opencv is the OpenCV library installed via npm native-opencv downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested res…
- CVE-2016-10659HIGHCVSS 8.1EG 8.12018-05-29
poco - The POCO libraries, downloads source file resources used for compilation over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an …
- CVE-2016-10660HIGHCVSS 8.1EG 8.12018-06-04
fis-parser-sass-bin a plugin for fis to compile sass using node-sass-binaries. fis-parser-sass-bin downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by…
- CVE-2016-10661HIGHCVSS 8.1EG 8.12018-06-04
phantomjs-cheniu is a Headless WebKit with JS API phantomjs-cheniu downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested reso…
- CVE-2016-10662HIGHCVSS 8.1EG 8.12018-06-04
tomita is a node wrapper for Yandex Tomita Parser tomita downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with…
- CVE-2016-10664HIGHCVSS 8.1EG 8.12018-06-04
mystem is a Node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out t…
- CVE-2016-10665HIGHCVSS 8.1EG 8.12018-06-04
herbivore is a packet sniffing and crafting library. Built on libtins herbivore 0.0.3 and below download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swa…
- CVE-2016-10666HIGHCVSS 8.1EG 8.12018-05-29
tomita-parser is a Node wrapper for Yandex Tomita Parser tomita-parser downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested …
- CVE-2016-10667HIGHCVSS 8.1EG 8.12018-06-04
selenium-portal is a Selenium Testing Framework selenium-portal downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resourc…
- CVE-2016-10668HIGHCVSS 8.1EG 8.12018-06-04
libsbml is a module that installs Linux binaries for libSBML libsbml downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources…
- CVE-2016-10669HIGHCVSS 8.1EG 8.12018-06-04
soci downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on t…
- CVE-2016-10670HIGHCVSS 8.1EG 8.12018-06-04
windows-seleniumjar-mirror downloads the Selenium Jar file windows-seleniumjar-mirror downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out…
- CVE-2016-10671HIGHCVSS 8.1EG 8.12018-06-04
mystem-wrapper is a Yandex mystem app wrapper module. mystem-wrapper downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested re…
- CVE-2016-10672HIGHCVSS 8.1EG 8.12018-06-04
cloudpub-redis is a module for CloudPub: Redis Backend cloudpub-redis downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested r…
- CVE-2016-10673HIGHCVSS 8.1EG 8.12018-06-04
ipip-coffee queries geolocation information from IP ipip-coffee downloads geolocation resources over HTTP, which leaves it vulnerable to MITM attacks. This could impact the integrity and availability of the data being used to make geolocat…
Map vulnerabilities like CWE-310 to your infrastructure
EchelonGraph correlates every CVE — across CWE-310 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →