Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
man-in-the-middle vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2017-14084
A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow malicious users to execute arbitrary code on vulnerable installations.
Trendmicro Officescan 12.0
Trendmicro Officescan 11.0
1 EDB exploit
1 Github repository
NA
CVE-2011-0546
Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not validate identity information sent between the media server and the remote agent, which allows man-in-the-middle malicious users to execute NDMP commands via unspecified vectors.
Symantec Backup Exec 11.0
Symantec Backup Exec 13.0
Symantec Backup Exec 12.0
Symantec Backup Exec 12.5
1 EDB exploit
NA
CVE-2013-1629
pip prior to 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle malicious users to execute arbitrary code via a crafted response to a "pip install" operation.
Pypa Pip
7.5
CVSSv3
CVE-2016-1493
Intel Driver Update Utility prior to 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle malicious users to execute arbitrary code via a crafted file.
Intel Driver Update Utility 2.2
Intel Driver Update Utility 2.0
Intel Driver Update Utility 2.1
Intel Driver Update Utility 2.3
NA
CVE-2016-14933
Intel Driver Update Utility version 2.2.0.5 suffers from a man-in-the-middle vulnerability..
5.9
CVSSv3
CVE-2018-18567
AudioCodes 440HD and 450HD devices 3.1.2.89 and previous versions allows man-in-the-middle malicious users to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business.
Audiocodes 440hd Firmware
Audiocodes 450hd Firmware
5.9
CVSSv3
CVE-2018-18568
Polycom VVX 500 and 601 devices 5.8.0.12848 and previous versions allows man-in-the-middle malicious users to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business.
Polycom Unified Communications Software
Polycom Vvx 601 Firmware -
Polycom Vvx 500 Firmware -
NA
CVE-2012-4117
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not properly verify X.509 certificates, which allows man-in-the-middle malicious users to watch SSL KVM video-channel traffic or modify this traffic via a crafted certificate, aka Bug ID CSCtr73033.
Cisco Unified Computing System -
NA
CVE-2012-4114
The fabric-interconnect KVM module in Cisco Unified Computing System (UCS) does not encrypt video data, which allows man-in-the-middle malicious users to watch KVM display content by sniffing the network or modify this traffic by inserting packets into the client-server data stre...
Cisco Unified Computing System -
NA
CVE-2015-4259
The Integrated Management Controller on Cisco Unified Computing System (UCS) C servers with software 1.5(3) and 1.6(0.16) has a default SSL certificate, which makes it easier for man-in-the-middle malicious users to bypass cryptographic protection mechanisms by leveraging knowled...
Cisco Unified Computing System 1.6(0.16)
Cisco Unified Computing System 1.5(3)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-9474
CVE-2024-36620
file inclusion
cache poisoning
man-in-the-middle
CVE-2024-20138
CVE-2024-0012
CVE-2024-20131
CVE-2024-11995
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »