Export limit exceeded: 341651 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (7937 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-16718 | 1 Beckhoff | 1 Twincat | 2024-11-21 | N/A |
| Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation in protected environments. This protocol uses user configured routes, that can be edited remotely via ADS. This special command supports encrypted authentication with username/password. The encryption uses a fixed key, that could be extracted by an attacker. Precondition of the exploitation of this weakness is network access at the moment a route is added. | ||||
| CVE-2017-16714 | 1 Iceqube | 2 Thermal Management Center, Thermal Management Center Firmware | 2024-11-21 | N/A |
| In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication. | ||||
| CVE-2017-16207 | 1 Discordi.js Project | 1 Discordi.js | 2024-11-21 | N/A |
| discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin. | ||||
| CVE-2017-16205 | 1 Coffescript Project | 1 Coffescript | 2024-11-21 | N/A |
| The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | ||||
| CVE-2017-16204 | 1 Jquey Project | 1 Jquey | 2024-11-21 | N/A |
| The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | ||||
| CVE-2017-16203 | 1 Coffescript Project | 1 Coffescript | 2024-11-21 | N/A |
| The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | ||||
| CVE-2017-16202 | 1 Cofeescript Project | 1 Cofeescript | 2024-11-21 | N/A |
| The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | ||||
| CVE-2017-16128 | 1 Npm-script-demo Project | 1 Npm-script-demo | 2024-11-21 | N/A |
| The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry. | ||||
| CVE-2017-16127 | 1 Pandora-doomsday Project | 1 Pandora-doomsday | 2024-11-21 | N/A |
| The module pandora-doomsday infects other modules. It's since been unpublished from the registry. | ||||
| CVE-2017-16081 | 1 Cross-env.js Project | 1 Cross-env.js | 2024-11-21 | N/A |
| cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16080 | 1 Nodesass Project | 1 Nodesass | 2024-11-21 | N/A |
| nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16079 | 1 Smb Project | 1 Smb | 2024-11-21 | N/A |
| smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16078 | 1 Shadowsock Project | 1 Shadowsock | 2024-11-21 | N/A |
| shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16077 | 1 Mongose Project | 1 Mongose | 2024-11-21 | N/A |
| mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16076 | 1 Proxy.js Project | 1 Proxy.js | 2024-11-21 | N/A |
| proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16075 | 1 Http-proxy.js Project | 1 Http-proxy.js | 2024-11-21 | N/A |
| http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16074 | 1 Crossenv Project | 1 Crossenv | 2024-11-21 | N/A |
| crossenv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16073 | 1 Noderequest Project | 1 Noderequest | 2024-11-21 | N/A |
| noderequest was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16072 | 1 Nodemailer.js Project | 1 Nodemailer.js | 2024-11-21 | N/A |
| nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16071 | 1 Nodemailer-js Project | 1 Nodemailer-js | 2024-11-21 | N/A |
| nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||