Lucene search
K

18 matches found

Veracode
Veracode
added 2025/06/12 8:26 a.m.14 views

Man-In-The-Middle (MITM)

org.postgresql:postgresql is vulnerable to Man-In-The-Middle MITM. The vulnerability is due to improper enforcement of channel-binding requirements in the driver allowing authentication methods that do not support channel binding e.g., password, MD5, GSS, SSPI even when channel binding is set to...

8.2CVSS8.1AI score0.00461EPSS
Exploits0References7Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.3 views

SUSE CVE-2012-1675

The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by...

7.5CVSS9.4AI score0.77633EPSS
Exploits3References4
OSV
OSV
added 2023/02/10 4:15 a.m.4 views

CVE-2022-43501

KASAGO TCP/IP stack provided by Zuken Elmic generates ISNsInitial Sequence Number for TCP connections from an insufficiently random source. An attacker may be able to determine the ISN of the current or future TCP connections and either hijack existing ones or spoof future ones...

9.1CVSS5.8AI score0.00565EPSS
Exploits0References2
CNVD
CNVD
added 2022/05/07 12:0 a.m.24 views

Secomea GateManager Information Disclosure Vulnerability

Secomea GateManager is a remote access server product from the Danish company Secomea. security vulnerability exists in all versions of Secomea GateManager prior to 9.7. The vulnerability stems from the exposure of query string information in GET requests of the LMM API, which could be exploited ...

7.5CVSS3.4AI score0.00232EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/04 12:0 a.m.6 views

Secomea GateManager 信息泄露漏洞

Secomea GateManager is a remote access server product from the Danish company Secomea. security vulnerability exists in all versions of Secomea GateManager prior to 9.7. The vulnerability stems from the exposure of query string information in GET requests of the LMM API, which could be exploited ...

7.5CVSS6.6AI score0.00232EPSS
Exploits0References2
OSV
OSV
added 2021/08/17 10:15 p.m.3 views

CVE-2021-28372

ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek TUTK device given a valid 20-byte uniquely assigned identifier UID. This could result in an attacker hijacking a victim's connection and forcing them into supplying credentials needed to access the...

8.3CVSS5.9AI score0.02575EPSS
Exploits1References3
Symantec
Symantec
added 2016/04/15 8:0 a.m.76 views

SA122 : SMB Vulnerabilities in Windows and Samba (Badlock)

SUMMARY Blue Coat products that include affected versions of Microsoft Windows and Samba are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to hijack connections to view and modify traffic, obtain unauthorized access to user passwords and other...

6.8CVSS1.8AI score0.3693EPSS
Exploits0Affected Software6
RedHat Linux
RedHat Linux
added 2016/04/13 1:6 a.m.4 views

samba: Missing downgrade detection

It was found that Samba's LDAP implementation did not enforce integrity protection for LDAP connections. A man-in-the-middle attacker could use this flaw to downgrade LDAP connections to use no integrity protection, allowing them to hijack such connections...

5.9CVSS6.7AI score0.09345EPSS
Exploits0References5
NVD
NVD
added 2014/02/22 9:55 p.m.25 views

CVE-2013-6949

The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device...

9.3CVSS7.3AI score0.01866EPSS
Exploits1References2
Cvelist
Cvelist
added 2014/02/22 9:0 p.m.27 views

CVE-2013-6949

The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device...

7.3AI score0.01866EPSS
Exploits1References2
CVE
CVE
added 2014/02/22 9:0 p.m.58 views

CVE-2013-6949

CVE-2013-6949 concerns Belkin Wemo Home Automation devices: the firmware before 3949 does not properly use STUN/TURN, enabling a remote attacker who controls one device to relay connections to other Wemo devices. The impact is described as hijacking connections with potential further impact; expl...

9.3CVSS7.5AI score0.01866EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2014/02/10 6:15 p.m.12 views

CVE-2011-4093

Integer overflow in inc/server.hpp in libnet6 aka net6 before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided...

5.8CVSS6.8AI score0.01761EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2014/02/10 6:15 p.m.23 views

CVE-2011-4093

Integer overflow in inc/server.hpp in libnet6 aka net6 before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided...

5.8CVSS6AI score0.01761EPSS
Exploits0References1
Prion
Prion
added 2014/02/10 6:15 p.m.14 views

Integer overflow

Integer overflow in inc/server.hpp in libnet6 aka net6 before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided...

5.8CVSS7.5AI score0.01761EPSS
Exploits0References7Affected Software3
Cvelist
Cvelist
added 2014/02/10 5:0 p.m.34 views

CVE-2011-4093

Integer overflow in inc/server.hpp in libnet6 aka net6 before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided...

6.7AI score0.01761EPSS
Exploits0References7
CVE
CVE
added 2014/02/10 5:0 p.m.58 views

CVE-2011-4093

CVE-2011-4093 concerns libnet6 (net6) before version 1.3.14, where an integer overflow in inc/server.hpp could allow remote attackers to hijack connections and escalate privileges by exhausting descriptors and supplying the ID of another user. Public documents confirm the affected component (inc/...

5.8CVSS6.8AI score0.01761EPSS
Exploits0References7Affected Software1
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.47 views

Ubuntu Update for openssh vulnerability USN-597-1

Ubuntu Update for Linux kernel vulnerabilities USN-597-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5971.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for openssh vulnerability USN-597-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

6.9CVSS0.2AI score0.00346EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2008/04/01 10:14 p.m.54 views

USN-597-1: OpenSSH vulnerability

Timo Juhani Lindfors discovered that the OpenSSH client, when port forwarding was requested, would listen on any available address family. A local attacker could exploit this flaw on systems with IPv6 enabled to hijack connections, including X11 forwards...

6.9CVSS7.4AI score0.00346EPSS
Exploits1
Rows per page
Query Builder