Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
man vulnerabilities and exploits
(subscribe to this query)
232
VMScore
CVE-2016-7055
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 prior to 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are imp...
Openssl Openssl
Nodejs Node.js
NA
CVE-2023-25758
Onekey Touch devices up to and including 4.0.0 and Onekey Mini devices up to and including 2.10.0 allow man-in-the-middle malicious users to obtain the seed phase. The man-in-the-middle access can only be obtained after disassembling a device (i.e., here, "man-in-the-middle&...
Onekey Onekey Touch Firmware
Onekey Onekey Mini Firmware
383
VMScore
CVE-2019-11674
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions before 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack.
Microfocus Netiq Self Service Password Reset
Microfocus Netiq Self Service Password Reset 4.4
NA
CVE-2023-23546
A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
Milesight Ur32l Firmware 32.3.0.5
187
VMScore
CVE-2021-42373
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given
Busybox Busybox 1.33.1
Busybox Busybox 1.33.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
383
VMScore
CVE-2013-4488
libgadu prior to 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers.
Libgadu Libgadu
384
VMScore
CVE-2015-0210
wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote malicious users to cause a man-in-the-middle attack.
W1.fi Wpa Supplicant 2.0-16
970
VMScore
CVE-2011-3402
Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote malicious user...
Microsoft Windows Server 2008
Microsoft Windows Xp
Microsoft Windows 7 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2003
Microsoft Windows Vista
10 Articles
383
VMScore
CVE-2014-7189
crpyto/tls in Go 1.1 prior to 1.3.2, when SessionTicketsDisabled is enabled, allows man-in-the-middle malicious users to spoof clients via unspecified vectors.
Golang Go 1.2.1
Golang Go 1.3
Golang Go 1.2
Golang Go 1.2.2
Golang Go 1.1
Golang Go 1.1.1
Golang Go 1.1.2
Golang Go 1.3.1
383
VMScore
CVE-2021-21963
An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to ...
Sealevel Seaconnect 370w Firmware 1.3.34
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »