Vulnerabilities > Improper Certificate Validation

DATE CVE VULNERABILITY TITLE RISK
2022-09-28 CVE-2022-34394 Improper Certificate Validation vulnerability in Dell Smartfabric Os10 10.5.3.4
Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist.
network
high complexity
dell CWE-295
3.7
2022-09-23 CVE-2021-45035 Improper Certificate Validation vulnerability in Velneo Vclient 28.1.3
Velneo vClient version 28.1.3 does not correctly check the certificate of authenticity by default.
network
high complexity
velneo CWE-295
5.9
2022-09-23 CVE-2022-33681 Improper Certificate Validation vulnerability in Apache Pulsar
Delayed TLS hostname verification in the Pulsar Java Client and the Pulsar Proxy makes each client vulnerable to a man-in-the-middle attack.
network
high complexity
apache CWE-295
5.9
2022-09-23 CVE-2022-33682 Improper Certificate Validation vulnerability in Apache Pulsar
TLS hostname verification cannot be enabled in the Pulsar Broker's Java Client, the Pulsar Broker's Java Admin Client, the Pulsar WebSocket Proxy's Java Client, and the Pulsar Proxy's Admin Client, leaving intra-cluster connections and geo-replication connections vulnerable to man-in-the-middle attacks, which could leak credentials, configuration data, message data, and any other data sent by these clients.
network
high complexity
apache CWE-295
5.9
2022-09-23 CVE-2022-33683 Improper Certificate Validation vulnerability in Apache Pulsar
Apache Pulsar Brokers and Proxies create an internal Pulsar Admin Client that does not verify peer TLS certificates, even when tlsAllowInsecureConnection is disabled via configuration.
network
high complexity
apache CWE-295
5.9
2022-09-21 CVE-2022-41243 Improper Certificate Validation vulnerability in Jenkins Smalltest
Jenkins SmallTest Plugin 1.0.4 and earlier does not perform hostname validation when connecting to the configured View26 server, which could be abused using a man-in-the-middle attack to intercept these connections.
network
high complexity
jenkins CWE-295
8.1
2022-09-21 CVE-2022-41244 Improper Certificate Validation vulnerability in Jenkins View26 Test-Reporting
Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server, which could be abused using a man-in-the-middle attack to intercept these connections.
network
high complexity
jenkins CWE-295
8.1
2022-09-19 CVE-2022-29908 Improper Certificate Validation vulnerability in Fabasoft Cloud Enterprise Client 22.4.0043
The folioupdate service in Fabasoft Cloud Enterprise Client 22.4.0043 allows Local Privilege Escalation.
local
low complexity
fabasoft CWE-295
7.8
2022-09-14 CVE-2022-34831 Improper Certificate Validation vulnerability in Primekey Ejbca
An issue was discovered in Keyfactor PrimeKey EJBCA before 7.9.0, related to possible inconsistencies in DNS identifiers submitted in an ACME order and the corresponding CSR submitted during finalization.
network
low complexity
primekey CWE-295
critical
9.8
2022-09-12 CVE-2022-36173 Improper Certificate Validation vulnerability in Freshworks Freshservice Agent and Freshservice Probe
FreshService macOS Agent < 4.4.0 and FreshService Linux Agent < 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service.
network
high complexity
freshworks CWE-295
8.1