Lucene search
+L

117 matches found

openvas
openvas
added 2018/08/02 12:0 a.m.51 views

Burp Suite < 1.7.34 'Collaborator server certificate' MITM Vulnerability - Windows

Burp Suite Community Edition is prone to a man-in-the-middle MITM vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.9CVSS5.7AI score0.00876EPSS
Exploits0References2
openvas
openvas
added 2018/08/02 12:0 a.m.52 views

Burp Suite < 1.7.34 'Collaborator server certificate' MITM Vulnerability - Mac OS X

Burp Suite Community Edition is prone to a man-in-the-middle MITM vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.9CVSS5.7AI score0.00876EPSS
Exploits0References2
openvas
openvas
added 2018/06/19 12:0 a.m.62 views

Burp Suite CE 1.7.32 - 1.7.33 MITM Vulnerability - Mac OS X

Burp Suite Community Edition is prone to a man-in-the-middle MITM vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.4CVSS7.5AI score0.00494EPSS
Exploits0References1
openvas
openvas
added 2018/06/19 12:0 a.m.49 views

Burp Suite CE 1.7.32 - 1.7.33 MITM Vulnerability - Linux

Burp Suite Community Edition is prone to a man-in-the-middle MITM vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.4CVSS7.5AI score0.00494EPSS
Exploits0References1
nvd
nvd
added 2018/06/01 6:29 p.m.24 views

CVE-2016-10610

unicode-json is a unicode lookup table. unicode-json before 2.0.0 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks...

8.1CVSS8AI score0.00546EPSS
Exploits0References1
osv
osv
added 2018/06/01 6:29 p.m.6 views

CVE-2016-10599

sauce-connect is a Node.js wrapper over the SauceLabs SauceConnect.jar program for establishing a secure tunnel for intranet testing. sauce-connect downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping o...

8.1CVSS6.3AI score0.01682EPSS
Exploits0References1
cve
cve
added 2018/04/11 5:0 p.m.41 views

CVE-2017-8154

The CVE-2017-8154 entry concerns Huawei/Honor devices (Themes App on Honor 8 Lite) with software versions prior to Prague-L31C576B172, Prague-L31C530B160, and Prague-L31C432B180. The underlying issue is an MITM vulnerability arising from the use of insecure HTTP to download themes, enabling an at...

5.3CVSS5.2AI score0.00379EPSS
Exploits0References1Affected Software1
openvas
openvas
added 2017/09/22 12:0 a.m.25 views

Samba Server 'SMB3' MitM Vulnerability (CVE-2017-12151)

Samba is prone to a MitM vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba"; ifdescription...

7.4CVSS7.6AI score0.04595EPSS
Exploits0References2
nessus
nessus
added 2017/08/08 12:0 a.m.33 views

Tenable Nessus Agent 6.x < 6.11 MITM Vulnerability During Linking (TNS-2017-11)

The version of Nessus Agent installed on the remote Windows host is 6.x prior to 6.11. It is, therefore, affected by a MITM vulnerability that can be exploited during the agent linking process. This is due to the fact that during an initial connection to Tenable.io or Nessus Manager when linking...

7.4CVSS7.1AI score0.00571EPSS
Exploits0References2
openvas
openvas
added 2017/05/15 12:0 a.m.27 views

PostgreSQL MITM Vulnerability (May 2017) - Windows

PostgreSQL is prone to a man-in-the-middle MITM vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.9CVSS6.6AI score0.02042EPSS
Exploits0References1
cve
cve
added 2017/03/14 10:0 p.m.51 views

CVE-2015-8987

McAfee Agent (MA) for non-Mac OS, version 4.8.0 patch 2 and earlier, is affected by a MitM vulnerability that lets an attacker cause a MA instance to communicate with a rogue ePO server via migration to another ePO server. The OpenVAS entry and NVD record corroborate the MITM impact but do not pr...

5.3CVSS5.2AI score0.00519EPSS
Exploits0References1Affected Software1
cve
cve
added 2017/03/09 5:0 p.m.89 views

CVE-2017-6432

The CVE-2017-6432 entry concerns Dahua DHI-HCVR7216A-S3 devices (firmware 3.210.0001.10, build 2016-06-06). The Dahua DVR protocol on TCP port 37777 is an unencrypted binary protocol; a Man-in-the-Middle can sniff and inject packets, enabling creation of fully privileged new users and capture of ...

9.3CVSS8.2AI score0.01025EPSS
Exploits0References2Affected Software1
hackerone
hackerone
added 2016/11/09 11:34 p.m.24 views

Paragon Initiative Enterprises: Using plain git protocol (vulnerable to MITM)

Using plain git protocol git://domain is insecure as the server is not verified MITM attacker can return different content if last commit not checked against known one more information about this issue Protocols to choose from when cloning: https://gist.github.com/grawity/4392747...

0.6AI score
Exploits0
hackerone
hackerone
added 2016/11/09 11:10 p.m.19 views

Paragon Initiative Enterprises: Incorrect detection of onion URLs

Several places have incorrect code to detect if URL point to .onion domain tor hidden server: The following regexes: 1. ^https://^/:+.onion:?:0-9+ 2. ^https?://^/+.onion which is used in: https://github.com/paragonie/airship/blob/0e9289553cdc538556d362faaee63be6cc534a0c/src/Engine/Hail.phpL223...

Exploits0
nessus
nessus
added 2016/09/09 12:0 a.m.19 views

Blue Coat ProxyClient < 3.3.3.3 / 3.4.x < 3.4.4.10 Certificate Validation MitM

The version of Blue Coat ProxyClient installed on the remote Windows host is either prior to 3.3.3.3 or is 3.4.x prior to 3.4.4.10. It is, therefore, affected by a man-in-the-middle MitM vulnerability due to improper validation of the Client Manager certificate. A MitM attacker can exploit this,...

7.1CVSS6AI score0.00698EPSS
Exploits0References2
nessus
nessus
added 2016/09/09 12:0 a.m.46 views

Blue Coat ProxyClient < 3.3.3.3 / 3.4.x < 3.4.4.10 Certificate Validation MitM

The version of Blue Coat ProxyClient installed on the remote Windows host is either prior to 3.3.3.3 or is 3.4.x prior to 3.4.4.10. It is, therefore, affected by a man-in-the-middle MitM vulnerability due to improper validation of the Client Manager certificate. A MitM attacker can exploit this,...

7.1CVSS6AI score0.00698EPSS
Exploits0References2
openvas
openvas
added 2016/06/02 12:0 a.m.32 views

MariaDB Man-in-the-Middle Attack Vulnerability (Jun 2016) - Linux

MariaDB is prone to a man-in-the-middle MITM vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb";...

5.9CVSS6.5AI score0.07083EPSS
Exploits1References2
threatpost
threatpost
added 2016/03/10 2:18 p.m.16 views

Samsung Windows Laptop Owners Urged To Download Fix To MitM Vulnerability

Samsung laptop owners are being urged to update their Windows PCs after the discovery of a vulnerability that can allow remote attackers to download files onto a targeted system and gain complete control over the laptop. The flaw is tied to a feature called “Samsung SW Update Tool 2.2.5.16”...

0.4AI score
Exploits0References4
oraclelinux
oraclelinux
added 2016/03/09 12:0 a.m.109 views

openssl098e security update

0.9.8e-20.0.1.1 - Updated the description 0.9.8e-20.1 - fix CVE-2015-0293 - triggerable assert in SSLv2 server - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generic TLS method 0.9.8e-20 - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability...

5.8CVSS1.8AI score0.95326EPSS
Exploits11
osv
osv
added 2015/12/31 12:0 a.m.2 views

UBUNTU-CVE-2015-7575

Mozilla Network Security Services NSS before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof...

5.9CVSS6.6AI score0.0288EPSS
Exploits0References14
Rows per page
Query Builder