Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-16 | CVE-2022-48306 | Improper Certificate Validation vulnerability in Palantir Gotham Chat IRC Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of Palantir Gotham allows A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. | 6.8 |
| 2023-02-16 | CVE-2022-48307 | Improper Certificate Validation vulnerability in Palantir Magritte-Ftp It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. | 3.7 |
| 2023-02-16 | CVE-2022-48308 | Improper Certificate Validation vulnerability in Palantir Sls-Logging It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. | 3.7 |
| 2023-02-14 | CVE-2023-22943 | Improper Certificate Validation vulnerability in Splunk products In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs. | 5.3 |
| 2023-02-13 | CVE-2023-22367 | Improper Certificate Validation vulnerability in Ichiranusa Ichiran Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack. | 5.9 |
| 2023-02-11 | CVE-2022-34404 | Improper Certificate Validation vulnerability in Dell System Update 1.9/1.9.1 Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. | 6.0 |
| 2023-02-06 | CVE-2022-46496 | Improper Certificate Validation vulnerability in Bticino Door Entry for Hometouch BTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate. | 5.9 |
| 2023-02-03 | CVE-2022-31733 | Improper Certificate Validation vulnerability in Cloudfoundry Cf-Deployment and Diego Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, apps are accessible via another port on diego cells, allowing application ingress without a client certificate. | 9.1 |
| 2023-02-01 | CVE-2022-3913 | Improper Certificate Validation vulnerability in Rapid7 Nexpose Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of the update server when downloading updates. | 5.3 |
| 2023-02-01 | CVE-2022-45100 | Improper Certificate Validation vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. | 9.8 |