Vulnerabilities > Improper Certificate Validation

DATE CVE VULNERABILITY TITLE RISK
2024-01-30 CVE-2023-51837 Improper Certificate Validation vulnerability in Meshcentral 1.1.16
Ylianst MeshCentral 1.1.16 is vulnerable to Missing SSL Certificate Validation.
network
low complexity
meshcentral CWE-295
critical
9.8
2024-01-25 CVE-2023-33757 Improper Certificate Validation vulnerability in Splicecom Ipcs and Ipcs2
A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and before, and iPCS (Android App) v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack.
network
high complexity
splicecom CWE-295
5.9
2024-01-25 CVE-2023-33760 Improper Certificate Validation vulnerability in Splicecom Maximiser Soft PBX
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate.
network
high complexity
splicecom CWE-295
5.3
2024-01-19 CVE-2023-6043 Improper Certificate Validation vulnerability in Lenovo Vantage
A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and execute arbitrary code with elevated privileges.
local
low complexity
lenovo CWE-295
7.8
2023-12-22 CVE-2023-51662 Improper Certificate Validation vulnerability in Snowflake Connector
The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications.
network
high complexity
snowflake CWE-295
7.5
2023-12-21 CVE-2023-5594 Improper Certificate Validation vulnerability in Eset products
Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted.
network
low complexity
eset CWE-295
8.6
2023-12-19 CVE-2023-1514 Improper Certificate Validation vulnerability in Hitachienergy Rtu500 Scripting Interface 1.0.1.30/1.0.2/1.1.1
A vulnerability exists in the component RTU500 Scripting interface.
network
low complexity
hitachienergy CWE-295
7.5
2023-12-15 CVE-2023-6680 Improper Certificate Validation vulnerability in Gitlab
An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all versions from 11.6 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows an attacker to authenticate as another user given their public key if they use Smartcard authentication.
network
high complexity
gitlab CWE-295
8.1
2023-12-12 CVE-2009-4123 Improper Certificate Validation vulnerability in Jruby Jruby-Openssl
The jruby-openssl gem before 0.6 for JRuby mishandles SSL certificate validation.
network
low complexity
jruby CWE-295
7.5
2023-12-12 CVE-2023-48427 Improper Certificate Validation vulnerability in Siemens Sinec INS 1.0
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2).
network
low complexity
siemens CWE-295
critical
9.8