Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
man-in-the-middle vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-0351
The FortiManager protocol service in Fortinet FortiOS prior to 4.3.16 and 5.x prior to 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle malicious users to obtain sensitive information or interfere with communic...
Fortinet Fortios 5.0.7
Fortinet Fortios 5.0.6
Fortinet Fortios 5.0.5
Fortinet Fortios 4.3.12
Fortinet Fortios 4.3.10
Fortinet Fortios 4.3.14
Fortinet Fortios 4.3.13
Fortinet Fortios 5.0.0
Fortinet Fortios
Fortinet Fortios 5.0.4
Fortinet Fortios 5.0.3
3.7
CVSSv3
CVE-2020-36473
UCWeb UC 12.12.3.1219 up to and including 12.12.3.1226 uses cleartext HTTP, and thus man-in-the-middle attackers can discover visited URLs.
Ucweb Ucweb Uc
7.4
CVSSv3
CVE-2022-3259
Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks.
Redhat Openshift 4.9
5.9
CVSSv3
CVE-2019-11650
A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions before 6.0.
Microfocus Netiq Advanced Authentication
8.1
CVSSv3
CVE-2016-8237
Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle malicious users to execute arbitrary code.
Lenovo Updates -
4.8
CVSSv3
CVE-2021-31747
Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in update_applet.php, which could lead to man-in-the-middle attacks.
Pluck-cms Pluck 4.7.15
7.4
CVSSv3
CVE-2020-8279
Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0 allowed a man-in-the-middle attack.
Nextcloud Social
5.9
CVSSv3
CVE-2020-5812
Nessus AMI versions 8.12.0 and previous versions were found to either not validate, or incorrectly validate, a certificate which could allow an malicious user to spoof a trusted entity by using a man-in-the-middle (MITM) attack.
Tenable Nessus Amazon Machine Image
6.8
CVSSv3
CVE-2022-48306
Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of Palantir Gotham allows A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow ...
Palantir Gotham Chat Irc
8.1
CVSSv3
CVE-2015-5152
Foreman after 1.1 and prior to 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote malicious users to obtain user credentials via a man-in-the-middle attack.
Theforeman Foreman 1.4.1
Theforeman Foreman 1.3.0
Theforeman Foreman 1.4.3
Theforeman Foreman 1.2.2
Theforeman Foreman 1.4.0
Theforeman Foreman 1.2.1
Theforeman Foreman 1.8.0
Theforeman Foreman 1.7.4
Theforeman Foreman 1.7.5
Theforeman Foreman 1.7.0
Theforeman Foreman 1.4.2
Theforeman Foreman 1.8.1
Theforeman Foreman 1.5.0
Theforeman Foreman 1.2.0
Theforeman Foreman 1.5.2
Theforeman Foreman 1.5.3
Theforeman Foreman 1.2.3
Theforeman Foreman 1.1-1
Theforeman Foreman 1.6.0
Theforeman Foreman 1.8.3
Theforeman Foreman 1.7.1
Theforeman Foreman 1.5.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »