Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
man-in-the-middle vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-4640
The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices relies on an HTTP connection to the skslm.swiftkey.net server, which allows man-in-the-middle malicious users to write to language-pack files by modifying an HTTP response. NOTE: CV...
Swiftkey Swiftkey Sdk
5.3
CVSSv3
CVE-2016-6877
Citrix XenMobile Server prior to 10.5.0.24 allows man-in-the-middle malicious users to trigger HTTP 302 redirections via vectors involving the HTTP Host header and a cached page. NOTE: the vendor reports "our internal analysis of this issue concluded that this was not a vali...
Citrix Xenmobile Server
NA
CVE-2014-0036
The rbovirt gem prior to 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote malicious users to conduct man-in-the-middle attacks via unspecified vectors.
Amos Benari Rbovirt 0.0.16
Amos Benari Rbovirt 0.0.15
Amos Benari Rbovirt 0.0.14
Amos Benari Rbovirt 0.0.13
Amos Benari Rbovirt
Amos Benari Rbovirt 0.0.22
Amos Benari Rbovirt 0.0.21
Amos Benari Rbovirt 0.0.8
Amos Benari Rbovirt 0.0.7
Amos Benari Rbovirt 0.0.6
Amos Benari Rbovirt 0.0.5
Amos Benari Rbovirt 0.0.19
Amos Benari Rbovirt 0.0.17
Amos Benari Rbovirt 0.0.12
Amos Benari Rbovirt 0.0.10
Amos Benari Rbovirt 0.0.3
Amos Benari Rbovirt 0.0.1
Amos Benari Rbovirt 0.0.20
Amos Benari Rbovirt 0.0.18
Amos Benari Rbovirt 0.0.11
Amos Benari Rbovirt 0.0.9
Amos Benari Rbovirt 0.0.4
7.4
CVSSv3
CVE-2019-12621
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote malicious user to perform a man-in-the-middle attack. The vulnerability is due to insufficient key management. An attacker could exploit this vulnerability by obtaining a specific encryption key fo...
Cisco Hyperflex Hx220c M5 Firmware 3.0\\(1a\\)
Cisco Hyperflex Hx220c M5 Firmware 3.5\\(2a\\)
Cisco Hyperflex Hx240c M5 Firmware 3.0\\(1a\\)
Cisco Hyperflex Hx240c M5 Firmware 3.5\\(2a\\)
Cisco Hyperflex Hx220c Af M5 Firmware 3.5\\(2a\\)
Cisco Hyperflex Hx220c Af M5 Firmware 3.0\\(1a\\)
Cisco Hyperflex Hx240c Af M5 Firmware 3.0\\(1a\\)
Cisco Hyperflex Hx240c Af M5 Firmware 3.5\\(2a\\)
Cisco Hyperflex Hx220c Edge M5 Firmware 3.0\\(1a\\)
Cisco Hyperflex Hx220c Edge M5 Firmware 3.5\\(2a\\)
8.1
CVSSv3
CVE-2016-4850
LINE for Windows prior to 4.8.3 allows man-in-the-middle malicious users to execute arbitrary code.
Linecorp Line
3.7
CVSSv3
CVE-2021-34682
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
Gov Imposto De Renda Da Pessoa Fisica 2021 1.7
5.4
CVSSv3
CVE-2023-26467
A man in the middle can redirect traffic to a malicious server in a compromised configuration.
Pega Synchronization Engine
NA
CVE-2014-3494
kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 prior to 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle malicious users to obtain sensitive information via an invalid certificate.
Opensuse Opensuse 13.1
Kde Kdelibs 4.11.5
Kde Kdelibs 4.11.90
Kde Kdelibs 4.12.4
Kde Kdelibs 4.11.95
Kde Kdelibs 4.11.97
Kde Kdelibs 4.12.0
Kde Kdelibs 4.12.1
Kde Kdelibs 4.12.2
Kde Kdelibs 4.11.0
Kde Kdelibs 4.11.1
Kde Kdelibs 4.11.2
Kde Kdelibs 4.11.3
Kde Kdelibs 4.12.90
Kde Kdelibs 4.12.95
Kde Kdelibs 4.12.97
Kde Kdelibs 4.13.0
Kde Kdelibs 4.12.80
Kde Kdelibs 4.13.1
Kde Kdelibs 4.10.97
Kde Kdelibs 4.11.4
Kde Kdelibs 4.11.80
NA
CVE-2011-1829
APT prior to 0.8.15.2 does not properly validate inline GPG signatures, which allows man-in-the-middle malicious users to install modified packages via vectors involving lack of an initial clearsigned message.
Debian Advanced Package Tool
Canonical Ubuntu Linux 11.04
NA
CVE-2014-0478
APT prior to 1.0.4 does not properly validate source packages, which allows man-in-the-middle malicious users to download and install Trojan horse packages by removing the Release signature.
Debian Advanced Package Tool
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »