Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
man-in-the-middle vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-4259
The Integrated Management Controller on Cisco Unified Computing System (UCS) C servers with software 1.5(3) and 1.6(0.16) has a default SSL certificate, which makes it easier for man-in-the-middle malicious users to bypass cryptographic protection mechanisms by leveraging knowled...
Cisco Unified Computing System 1.5\\(3\\)
Cisco Unified Computing System 1.6\\(0.16\\)
NA
CVE-2012-4092
The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle malicious users to read or modify an inter-device data stream by spoofing an identity, ak...
Cisco Unified Computing System -
NA
CVE-2015-31963
Orion Elite Hidden IP Browser Pro versions 1.0 through 7.9 have insecure versions of Tor and OpenSSL included and also suffer from man-in-the-middle vulnerabilities.
NA
CVE-2016-88602
Orion Elite Hidden IP Browser Pro versions 1.0 through 7.9 have insecure versions of Tor and OpenSSL included and also suffer from man-in-the-middle vulnerabilities.
5.9
CVSSv3
CVE-2017-3898
A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe (MLS) versions before 16.0.3 allows network malicious users to modify the Windows registry value associated with the McAfee update via the HTTP backend-response.
Mcafee Livesafe
1 EDB exploit
7.4
CVSSv3
CVE-2019-7399
Amazon Fire OS prior to 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages.
Amazon Fire Os
5.9
CVSSv3
CVE-2016-5348
The GPS component in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, 6.x prior to 2016-10-01, and 7.0 prior to 2016-10-01 allows man-in-the-middle malicious users to cause a denial of service (memory consumption, and device hang or reboot) via a large xtra...
Google Android 4.2.2
Google Android 4.2.1
Google Android 4.0.1
Google Android 4.0
Google Android 4.4.1
Google Android 4.4
Google Android 4.1
Google Android 4.0.4
Google Android 5.1
Google Android 5.1.0
Google Android 6.0
Google Android 4.3.1
Google Android 4.3
Google Android 4.0.3
Google Android 4.0.2
Google Android 6.0.1
Google Android 7.0
Google Android 4.4.3
Google Android 4.4.2
Google Android 4.2
Google Android 4.1.2
Google Android 5.0
1 EDB exploit
7.5
CVSSv3
CVE-2017-0375
The hidden-service feature in Tor prior to 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell.
Torproject Tor
7.5
CVSSv3
CVE-2014-5380
Grand MA 300 allows retrieval of the access PIN from sniffed data.
Granding Grand Ma300 Firmware 6.60
1 EDB exploit
5.9
CVSSv3
CVE-2015-6358
Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote malicious users to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and k...
Cisco Rv320 Firmware
Cisco Rv325 Firmware
Cisco Rvs4000 Firmware
Cisco Wrv210 Firmware
Cisco Wap4410n Firmware
Cisco Wrv200 Firmware 1.0.39
Cisco Wrvs4400n Firmware
Cisco Wap200 Firmware
Cisco Wvc2300 Firmware
Cisco Pvc2300 Firmware
Cisco Srw224p Firmware
Cisco Wet200 Firmware
Cisco Wap2000 Firmware
Cisco Wap4400n Firmware
Cisco Rv120w Firmware
Cisco Rv180 Firmware
Cisco Rv180w Firmware
Cisco Rv315w Firmware
Cisco Srp520 Firmware
Cisco Srp520-u Firmware
Cisco Wrp500 Firmware
Cisco Spa400 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »