CWE-300: CWE-300

The dectalk-tts Node package versions 1.0.0 sends API requests over unencrypted HTTP, allowing attackers to intercept and modify traffic in man-in-the...

The Forever KidsWatch Call Me KW-50 smartwatch is vulnerable to man-in-the-middle (MITM) attacks due to insufficient security in its communication pro...

This vulnerability allows man-in-the-middle attacks when Eclipse Equinox installations use HTTP repositories for p2 updates. Attackers can intercept a...

This vulnerability allows authenticated local attackers with read-only privileges on Cisco Catalyst SD-WAN Manager to escalate to root privileges on t...

An authentication bypass vulnerability in SoftEther VPN allows local attackers to perform man-in-the-middle attacks against the CiRpcServerThread func...

This vulnerability allows an authenticated attacker to intercept password change requests and replace the legitimate password hash with their own, loc...

This vulnerability in Sunshine game streaming software allows an attacker to gain unauthorized access by exploiting a flaw in the pairing process. Dur...

This vulnerability in IBM Cloud Pak System allows authenticated users with network access to view sensitive information from command-line interface ar...

This vulnerability allows attackers to bypass client isolation mechanisms in network devices, potentially enabling traffic redirection and man-in-the-...