| CVE-2026-23812 |
2026-03-04 |
A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing technique. … |
| CVE-2026-23811 |
2026-03-04 |
A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 (L2) communication restrictions between clients and redirect traffic at Layer 3 (L3). In addition to bypassing… |
| CVE-2026-23810 |
2026-03-04 |
A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-address… |
| CVE-2025-63363 |
2025-12-04 |
A lack of Management Frame Protection in Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 allows attackers to execute d… |
| CVE-2025-40770 |
2025-08-12 |
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode… |
| CVE-2025-54792 |
2025-08-01 |
LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. In versions 1.16.1 and below, a critical Man-in-the… |
| CVE-2024-50568 |
2025-06-10 |
A channel accessible by non-endpoint vulnerability [CWE-300] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7 and before 7.0.14 & FortiProxy version 7.4.0 through 7.4.3, 7.2.0 thro… |
| CVE-2025-31214 |
2025-05-12 |
This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker in a privileged network position may be able to intercept network traffic. |
| CVE-2025-20122 |
2025-05-07 |
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating… |
| CVE-2024-50565 |
2025-04-08 |
A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through … |
| CVE-2023-38272 |
2025-03-27 |
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1
could allow a user with access to the netwo… |
| CVE-2024-36553 |
2025-02-06 |
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h is vulnerable to MITM attack. |
| CVE-2024-12602 |
2025-02-06 |
Identity verification vulnerability in the ParamWatcher module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2024-27263 |
2025-01-28 |
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to obtain sensitive information from the dashboard UI using man in the middle techniqu… |
| CVE-2024-45407 |
2024-09-10 |
Sunshine is a self-hosted game stream host for Moonlight. Clients that experience a MITM attack during the pairing process may inadvertantly allow access to an unintended client rather than failing au… |
| CVE-2024-32049 |
2024-05-08 |
BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG-IP Next LTM/WAF instance credentials.
Note: Software versions which have reached End of Technical Sup… |
| CVE-2019-19751 |
2024-04-30 |
easyMINE before 2019-12-05 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io. |
| CVE-2024-31206 |
2024-04-04 |
dectalk-tts is a Node package to interact with the aeiou Dectalk web API. In `[email protected]`, network requests to the third-party API are sent over HTTP, which is unencrypted. Unencrypted traffic … |
| CVE-2023-31004 |
2024-02-03 |
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote attacker to … |
| CVE-2023-7008 |
2023-12-23 |
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the up… |