Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
man vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-36881
Jenkins Git client Plugin 3.11.0 and previous versions does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.
Jenkins Git Client
5.8
CVSSv2
CVE-2013-6418
PyWBEM 0.7 and previous versions uses a separate connection to validate X.509 certificates, which allows man-in-the-middle malicious users to spoof a peer via an arbitrary certificate.
Pywbem Project Pywbem
4.3
CVSSv2
CVE-2014-7203
libzmq (aka ZeroMQ/C++) 4.0.x prior to 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle malicious users to conduct replay attacks via unspecified vectors.
Zeromq Zeromq 4.0.2
Zeromq Zeromq 4.0.1
Zeromq Zeromq 4.0.4
Zeromq Zeromq 4.0.3
Zeromq Zeromq 4.0.0
NA
CVE-2021-43766
Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL cert...
Odyssey Project Odyssey 1.1
NA
CVE-2023-4586
A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack.
Redhat Data Grid 8.0.0
Infinispan Hot Rod -
2 Github repositories
5.8
CVSSv2
CVE-2019-12621
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote malicious user to perform a man-in-the-middle attack. The vulnerability is due to insufficient key management. An attacker could exploit this vulnerability by obtaining a specific encryption key fo...
Cisco Hyperflex Hx220c M5 Firmware 3.0\\(1a\\)
Cisco Hyperflex Hx220c M5 Firmware 3.5\\(2a\\)
Cisco Hyperflex Hx240c M5 Firmware 3.0\\(1a\\)
Cisco Hyperflex Hx240c M5 Firmware 3.5\\(2a\\)
Cisco Hyperflex Hx220c Af M5 Firmware 3.5\\(2a\\)
Cisco Hyperflex Hx220c Af M5 Firmware 3.0\\(1a\\)
Cisco Hyperflex Hx240c Af M5 Firmware 3.0\\(1a\\)
Cisco Hyperflex Hx240c Af M5 Firmware 3.5\\(2a\\)
Cisco Hyperflex Hx220c Edge M5 Firmware 3.0\\(1a\\)
Cisco Hyperflex Hx220c Edge M5 Firmware 3.5\\(2a\\)
4.3
CVSSv2
CVE-2016-0800
The SSLv2 protocol, as used in OpenSSL prior to 1.0.1s and 1.0.2 prior to 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote malicious users to decryp...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
2 Nmap scripts
4 Github repositories
2 Articles
2.9
CVSSv2
CVE-2015-4640
The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices relies on an HTTP connection to the skslm.swiftkey.net server, which allows man-in-the-middle malicious users to write to language-pack files by modifying an HTTP response. NOTE: CV...
Swiftkey Swiftkey Sdk
2.6
CVSSv2
CVE-2016-6877
Citrix XenMobile Server prior to 10.5.0.24 allows man-in-the-middle malicious users to trigger HTTP 302 redirections via vectors involving the HTTP Host header and a cached page. NOTE: the vendor reports "our internal analysis of this issue concluded that this was not a vali...
Citrix Xenmobile Server
6.8
CVSSv2
CVE-2014-0036
The rbovirt gem prior to 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote malicious users to conduct man-in-the-middle attacks via unspecified vectors.
Amos Benari Rbovirt 0.0.16
Amos Benari Rbovirt 0.0.15
Amos Benari Rbovirt 0.0.14
Amos Benari Rbovirt 0.0.13
Amos Benari Rbovirt
Amos Benari Rbovirt 0.0.22
Amos Benari Rbovirt 0.0.21
Amos Benari Rbovirt 0.0.8
Amos Benari Rbovirt 0.0.7
Amos Benari Rbovirt 0.0.6
Amos Benari Rbovirt 0.0.5
Amos Benari Rbovirt 0.0.19
Amos Benari Rbovirt 0.0.17
Amos Benari Rbovirt 0.0.12
Amos Benari Rbovirt 0.0.10
Amos Benari Rbovirt 0.0.3
Amos Benari Rbovirt 0.0.1
Amos Benari Rbovirt 0.0.20
Amos Benari Rbovirt 0.0.18
Amos Benari Rbovirt 0.0.11
Amos Benari Rbovirt 0.0.9
Amos Benari Rbovirt 0.0.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »