Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-19 | CVE-2023-20881 | Improper Certificate Validation vulnerability in Cloudfoundry Capi-Release, Cf-Deployment and Loggregator-Agent Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. | 8.1 |
| 2023-05-18 | CVE-2022-45457 | Improper Certificate Validation vulnerability in Acronis Agent and Cyber Protect Sensitive information disclosure and manipulation due to improper certification validation. | 7.5 |
| 2023-05-18 | CVE-2022-45458 | Improper Certificate Validation vulnerability in Acronis Agent and Cyber Protect Sensitive information disclosure and manipulation due to improper certification validation. | 7.5 |
| 2023-05-16 | CVE-2023-32994 | Improper Certificate Validation vulnerability in Jenkins Saml Single Sign on Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | 3.7 |
| 2023-05-10 | CVE-2023-31151 | Improper Certificate Validation vulnerability in Selinc products An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to conduct a man-in-the-middle (MitM) attack. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.2 |
| 2023-05-10 | CVE-2023-23901 | Improper Certificate Validation vulnerability in Seiko-Sol products Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. | 6.5 |
| 2023-05-01 | CVE-2022-48186 | Improper Certificate Validation vulnerability in Lenovo Baiying A certificate validation vulnerability exists in the Baiying Android application which could lead to information disclosure. | 6.2 |
| 2023-04-29 | CVE-2023-31484 | Improper Certificate Validation vulnerability in multiple products CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. | 8.1 |
| 2023-04-29 | CVE-2023-31485 | Improper Certificate Validation vulnerability in Gitlab::Api::V4 Project Gitlab::Api::V4 GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks. | 5.9 |
| 2023-04-29 | CVE-2023-31486 | Improper Certificate Validation vulnerability in multiple products HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. | 8.1 |