Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
man-in-the-middle vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2019-11674
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions before 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack.
Microfocus Netiq Self Service Password Reset
Microfocus Netiq Self Service Password Reset 4.4
8.1
CVSSv3
CVE-2023-23546
A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
Milesight Ur32l Firmware 32.3.0.5
NA
CVE-2013-4488
libgadu prior to 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers.
Libgadu Libgadu
5.9
CVSSv3
CVE-2015-0210
wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote malicious users to cause a man-in-the-middle attack.
W1.fi Wpa Supplicant 2.0-16
NA
CVE-2014-7189
crpyto/tls in Go 1.1 prior to 1.3.2, when SessionTicketsDisabled is enabled, allows man-in-the-middle malicious users to spoof clients via unspecified vectors.
Golang Go 1.2.1
Golang Go 1.3
Golang Go 1.2
Golang Go 1.2.2
Golang Go 1.1
Golang Go 1.1.1
Golang Go 1.1.2
Golang Go 1.3.1
5.9
CVSSv3
CVE-2021-21963
An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to ...
Sealevel Seaconnect 370w Firmware 1.3.34
5.9
CVSSv3
CVE-2022-21199
An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this ...
Reolink Rlc-410w Firmware 3.0.0.136 20121102
NA
CVE-2014-7202
stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 prior to 4.0.5 allows man-in-the-middle malicious users to conduct downgrade attacks via a crafted connection request.
Zeromq Zeromq 4.0.0
Zeromq Zeromq 4.0.4
8.1
CVSSv3
CVE-2022-29475
An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trig...
Goabode Iota All-in-one Security Kit Firmware 6.9z
Goabode Iota All-in-one Security Kit Firmware 6.9x
5.9
CVSSv3
CVE-2021-28124
A man-in-the-middle vulnerability in Cohesity DataPlatform support channel in version 6.3 up to 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 up to and including 6.5.1b. Missing server authentication in impacted versions can allow an malicious user to Man-in-the-middle (MITM) support channe...
Cohesity Cohesity Dataplatform
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »