Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-02 | CVE-2023-0547 | Improper Certificate Validation vulnerability in Mozilla Thunderbird OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. | 6.5 |
| 2023-05-26 | CVE-2023-28321 | Improper Certificate Validation vulnerability in multiple products An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. | 5.9 |
| 2023-05-26 | CVE-2023-1664 | Improper Certificate Validation vulnerability in Redhat products A flaw was found in Keycloak. | 6.5 |
| 2023-05-19 | CVE-2023-20881 | Improper Certificate Validation vulnerability in Cloudfoundry Capi-Release, Cf-Deployment and Loggregator-Agent Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. | 8.1 |
| 2023-05-18 | CVE-2022-45457 | Improper Certificate Validation vulnerability in Acronis Agent and Cyber Protect Sensitive information disclosure and manipulation due to improper certification validation. | 7.5 |
| 2023-05-18 | CVE-2022-45458 | Improper Certificate Validation vulnerability in Acronis Agent and Cyber Protect Sensitive information disclosure and manipulation due to improper certification validation. | 7.5 |
| 2023-05-16 | CVE-2023-32994 | Improper Certificate Validation vulnerability in Jenkins Saml Single Sign on Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | 3.7 |
| 2023-05-10 | CVE-2023-31151 | Improper Certificate Validation vulnerability in Selinc products An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to conduct a man-in-the-middle (MitM) attack. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.2 |
| 2023-05-10 | CVE-2023-23901 | Improper Certificate Validation vulnerability in Seiko-Sol products Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. | 6.5 |
| 2023-05-01 | CVE-2022-48186 | Improper Certificate Validation vulnerability in Lenovo Baiying A certificate validation vulnerability exists in the Baiying Android application which could lead to information disclosure. | 6.2 |