Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-17 | CVE-2023-3615 | Improper Certificate Validation vulnerability in Mattermost Mattermost iOS app fails to properly validate the server certificate while initializing the TLS connection allowing a network attacker to intercept the WebSockets connection. | 8.1 |
| 2023-07-14 | CVE-2023-38325 | Improper Certificate Validation vulnerability in Cryptography.Io Cryptography The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options. | 7.5 |
| 2023-07-05 | CVE-2023-33201 | Improper Certificate Validation vulnerability in Bouncycastle Bc-Java 1.73 Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. | 5.3 |
| 2023-06-19 | CVE-2023-34414 | Improper Certificate Validation vulnerability in Mozilla Firefox The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. | 3.1 |
| 2023-06-16 | CVE-2023-30222 | Improper Certificate Validation vulnerability in 4D Server 17/18/19 An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping. | 7.5 |
| 2023-06-14 | CVE-2023-35142 | Improper Certificate Validation vulnerability in Jenkins Checkmarx Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default. | 8.1 |
| 2023-06-13 | CVE-2023-29501 | Improper Certificate Validation vulnerability in Runsystem Jiyu Kukan Toku-Toku Coupon 3.5.0 Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier are vulnerable to improper server certificate verification. | 4.8 |
| 2023-06-13 | CVE-2023-29175 | Improper Certificate Validation vulnerability in Fortinet Fortios and Fortiproxy An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server. | 4.8 |
| 2023-06-05 | CVE-2023-34410 | Improper Certificate Validation vulnerability in QT An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. | 5.3 |
| 2023-06-02 | CVE-2023-0430 | Improper Certificate Validation vulnerability in Mozilla Thunderbird Certificate OCSP revocation status was not checked when verifying S/Mime signatures. | 6.5 |