CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-3327

Malware in sbrugna...

7.5CVSS7.6AI score0.00395EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2013-2980

Malware in sbrugna...

4.3CVSS6.4AI score0.00207EPSS

Exploits0References3

RedhatCVE•added 2025/01/14 5:28 p.m.•7 views

CVE-2024-12086

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

6.1CVSS6.3AI score0.01913EPSS

Exploits1References4

Debian CVE•added 2016/07/23 7:0 p.m.•26 views

CVE-2016-5133

Removed by vendor...

5.3CVSS7.6AI score0.00653EPSS

Exploits0

Prion•added 2016/05/11 1:59 a.m.•13 views

Information disclosure

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows man-in-the-middle attackers to obtain sensitive cleartext information via vectors involving injection of cleartext data into the client-server data stream, aka "TLS/SSL Information Disclosure Vulnerability."...

4.3CVSS6.3AI score0.15754EPSS

Exploits0References3Affected Software1

NVD•added 2016/04/25 6:59 p.m.•9 views

CVE-2016-2346

Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream...

8.1CVSS8.3AI score0.00222EPSS

Exploits1References2

OSV•added 2016/04/25 6:59 p.m.•2 views

CVE-2016-2346

8.1CVSS6.1AI score0.00222EPSS

Exploits1References2

OSV•added 2016/01/31 6:59 p.m.•1 views

CVE-2016-1948

Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream...

5.3CVSS5.8AI score

Exploits0References4

Cvelist•added 2015/03/07 2:0 a.m.•12 views

CVE-2015-1595

The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP addresses and spoof servers by intercepting the client-server data stream...

6.2AI score0.00141EPSS

Exploits0References1

Cvelist•added 2014/01/23 7:0 p.m.•20 views

CVE-2014-1242

Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, which allows man-in-the-middle attackers to spoof content by gaining control over the client-server data stream...

5.8AI score0.00463EPSS

Exploits0References5

NVD•added 2013/12/09 6:55 p.m.•21 views

CVE-2013-6427

upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing HPLIP 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream...

6.8CVSS7.2AI score0.0078EPSS

Exploits1References5

Debian CVE•added 2013/12/09 6:0 p.m.•33 views

CVE-2013-6427

6.8CVSS8.2AI score0.0078EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by