SSH Communications Security SSH Tectia Server 安全漏洞

SSH Communications Security SSH Tectia Server is a remote login server software from SSH Communications Security, Finland. A security vulnerability exists in SSH Communications Security SSH Tectia Server versions prior to 6.6.6, which stems from a vulnerability that could allow an attacker to rea...

PT-2025-40416

Name of the Vulnerable Software and Affected Versions SSH Tectia Server versions prior to 6.6.6 Description SSH Tectia Server versions prior to 6.6.6 may allow attackers to read and alter a user's session traffic. Recommendations Update SSH Tectia Server to version 6.6.6 or later...

ECOVACS HOME mobile app plugins 信任管理问题漏洞

The ECOVACS HOME mobile app plugins is a mobile app plugin from ECOVACS, China. A security vulnerability exists in the ECOVACS HOME mobile app plugins that stems from the mobile app plugin not properly validating TLS certificates. An unauthenticated attacker could read or modify TLS traffic and...

CVE-2022-48308

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...

CVE-2020-3549

A vulnerability in the sftunnel functionality of Cisco Firepower Management Center FMC Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM OS Images for Red Hat Linux Systems, AIX, and Windows-based deployments. (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM OS Images for Red Hat Linux Systems, AIX, and Windows-based deployments. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain...

Siemens LOGO!8 BM Man-in-the-Middle Attack Vulnerability

LOGO!8 is the 8th generation of Siemens intelligent logic controllers, the Nano PLC in the Siemens PLC family, which simplifies programming configurations, has an integrated panel for more displays, and can be easily networked and efficiently interconnected via the integrated Ethernet interface...

CVE-2017-12735

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. An attacker who performs a Man-in-the-Middle attack between the LOGO! BM and other devices could potentially decrypt and modify network traffic...

Ubuntu 14.04 LTS : OpenSSL vulnerabilities (USN-2232-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2232-1 advisory. Jri Aedla discovered that OpenSSL incorrectly handled invalid DTLS fragments. A remote attacker could use this issue to cause OpenSSL to crash, resulting...

openssl: SSL/TLS MITM vulnerability

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server...

openssl: SSL/TLS MITM vulnerability

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server...

openssl: SSL/TLS MITM vulnerability

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server...

Code injection

The fabric-interconnect component in Cisco Unified Computing System UCS does not encrypt KVM virtual-media data, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify this traffic by inserting packets into the client-server data stream, aka Bug...