Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-11 | CVE-2023-40256 | Improper Certificate Validation vulnerability in Veritas Netbackup Snapshot Manager A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. | 9.8 |
| 2023-07-18 | CVE-2023-34143 | Improper Certificate Validation vulnerability in Hitachi Device Manager Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02. | 8.1 |
| 2023-07-17 | CVE-2023-3724 | Improper Certificate Validation vulnerability in Wolfssl If a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension) when connecting to a malicious server, a default predictable buffer gets used for the IKM (Input Keying Material) value when generating the session master secret. | 8.8 |
| 2023-07-17 | CVE-2023-3615 | Improper Certificate Validation vulnerability in Mattermost Mattermost iOS app fails to properly validate the server certificate while initializing the TLS connection allowing a network attacker to intercept the WebSockets connection. | 8.1 |
| 2023-07-14 | CVE-2023-38325 | Improper Certificate Validation vulnerability in Cryptography.Io Cryptography The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options. | 7.5 |
| 2023-07-05 | CVE-2023-33201 | Improper Certificate Validation vulnerability in Bouncycastle Bc-Java 1.73 Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. | 5.3 |
| 2023-06-19 | CVE-2023-34414 | Improper Certificate Validation vulnerability in Mozilla Firefox The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. | 3.1 |
| 2023-06-16 | CVE-2023-30222 | Improper Certificate Validation vulnerability in 4D Server 17/18/19 An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping. | 7.5 |
| 2023-06-14 | CVE-2023-35142 | Improper Certificate Validation vulnerability in Jenkins Checkmarx Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default. | 8.1 |
| 2023-06-13 | CVE-2023-29501 | Improper Certificate Validation vulnerability in Runsystem Jiyu Kukan Toku-Toku Coupon 3.5.0 Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier are vulnerable to improper server certificate verification. | 4.8 |