Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
traffic server vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2022-33684
The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0 Client Credential Flow, even when tlsAllowInsecureConnection is disabled via configuration. This vulnerability allows an malicious user to perform a man in the middle attac...
Apache Pulsar
8.1
CVSSv3
CVE-2021-44759
Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an malicious user to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.1
CVSSv3
CVE-2021-38161
Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.1
CVSSv3
CVE-2020-15813
Graylog prior to 3.3.3 lacks SSL Certificate Validation for LDAP servers. It allows use of an external user/group database stored in LDAP. The connection configuration allows the usage of unencrypted, SSL- or TLS-secured connections. Unfortunately, the Graylog client code (in all...
Graylog Graylog
8.1
CVSSv3
CVE-2019-9506
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffi...
Google Android -
Apple Mac Os X 10.12.6
Apple Mac Os X 10.14.5
Apple Watchos 5.3
Apple Iphone Os 12.4
Apple Mac Os X 10.13.6
Apple Tvos 12.4
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Mrg Realtime 2.0
Redhat Virtualization Host Eus 4.2
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Aus 7.5
Redhat Enterprise Linux Eus 7.6
Redhat Enterprise Linux Eus 7.7
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
5 Github repositories
2 Articles
8.1
CVSSv3
CVE-2018-10690
An issue exists on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic thus providing an insecure communication mechanism for a user connecting to the web server. This allows an malicious user to sniff the traffic easily and allows an malicious user to compromis...
Moxa Awk-3121 Firmware 1.14
8.1
CVSSv3
CVE-2019-6974
In the Linux kernel prior to 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux 7.0
1 EDB exploit
8.1
CVSSv3
CVE-2018-15476
An issue exists in myStrom WiFi Switch V1 prior to 2.66, WiFi Switch V2 prior to 3.80, WiFi Switch EU prior to 3.80, WiFi Bulb prior to 2.58, WiFi LED Strip prior to 3.80, WiFi Button prior to 2.73, and WiFi Button Plus prior to 2.73. The SSL/TLS server certificate in the device ...
Mystrom Wifi Switch Firmware
Mystrom Wifi Button Plus Firmware
Mystrom Wifi Button Firmware
Mystrom Wifi Switch Eu Firmware
Mystrom Wifi Bulb Firmware
Mystrom Wifi Led Strip Firmware
8.1
CVSSv3
CVE-2018-5542
F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server.
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
8.1
CVSSv3
CVE-2018-0262
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote malicious user to gain unauthorized access to components of, or sensitive information in, an affected system, leading to Remote Code Execution. The vulnerability is due to incorrect default configurati...
Cisco Meeting Server 2.4
Cisco Meeting Server 2.0
Cisco Meeting Server 2.2
Cisco Meeting Server 1.9
Cisco Meeting Server 2.1
Cisco Meeting Server 2.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »