CVE-2019-9682

Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker c...

CVE-2019-17218

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. By default, the communication to the web service is unencrypted via http. An attacker is able to intercept and sniff communication to the web service...

CVE-2019-19891

An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0 and 8.1 could allow an attacker to launch a man-in-the-middle attack. A successful exploit may allow the attacker to intercept sensitive information...

CVE-2019-5291

Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some field...

CVE-2019-5537

Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over FTP...

CVE-2019-5107

A cleartext transmission vulnerability exists in the network communication functionality of WAGO e!Cockpit version 1.5.1.1. An attacker with access to network traffic can easily intercept, interpret, and manipulate data coming from, or destined for e!Cockpit. This includes passwords,...

CVE-2019-19097

ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection...

CVE-2012-2647

Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the configured search URL, and intercept search terms, via a crafted web page...

CVE-2009-1211

Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet...

CVE-2009-0802

Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...

SUSE CVE-2025-37957

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f "KVM: x86: forcibly leave nested mode on vCPU reset" addressed an issue where a triple fault occurring in nested mode could lead to...

AZL-70259 CVE-2025-37957 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f "KVM: x86: forcibly leave nested mode on vCPU reset" addressed an issue where a triple fault occurring in nested mode could lead to...

DEBIAN-CVE-2025-37957

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f "KVM: x86: forcibly leave nested mode on vCPU reset" addressed an issue where a triple fault occurring in nested mode could lead to...

CVE-2025-37957

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f "KVM: x86: forcibly leave nested mode on vCPU reset" addressed an issue where a triple fault occurring in nested mode could lead to...

UBUNTU-CVE-2025-37957

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f "KVM: x86: forcibly leave nested mode on vCPU reset" addressed an issue where a triple fault occurring in nested mode could lead to...

CVE-2025-37957

CVE-2025-37957 describes a Linux kernel KVM/VMX issue where, if a VM enters SMM via KVM_SMI and then encounters invalid instructions leading to exceptions, forcing a vCPU reset during SHUTDOWN interception can trigger a WARN in kvm_vcpu_reset due to the vCPU being in SMM. The root cause is omissi...

CVE-2025-37957 KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f "KVM: x86: forcibly leave nested mode on vCPU reset" addressed an issue where a triple fault occurring in nested mode could lead to...

CVE-2025-31214

This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker in a privileged network position may be able to intercept network traffic...

The vulnerability of the Baseband component in iPadOS and iOS operating systems allows attackers to intercept network traffic.

The vulnerability of the Baseband component in iPadOS and iOS systems relates to the transmission of confidential information in plaintext. Exploiting this vulnerability could allow a malicious actor to intercept network traffic remotely...

CVE-2025-31214

This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker in a privileged network position may be able to intercept network traffic...