Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-17 | CVE-2022-31083 | Improper Certificate Validation vulnerability in Parseplatform Parse-Server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 7.5 |
| 2022-06-15 | CVE-2022-32151 | Improper Certificate Validation vulnerability in Splunk The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not validate certificates using the certificate authority (CA) certificate stores by default in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203. | 9.1 |
| 2022-06-15 | CVE-2022-32152 | Improper Certificate Validation vulnerability in Splunk Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. | 7.2 |
| 2022-06-15 | CVE-2022-32153 | Improper Certificate Validation vulnerability in Splunk Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. | 8.1 |
| 2022-06-15 | CVE-2022-32156 | Improper Certificate Validation vulnerability in Splunk In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. | 8.1 |
| 2022-06-14 | CVE-2022-29482 | Improper Certificate Validation vulnerability in Dena Mobaoku-Auction & Flea Market 'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack. | 3.7 |
| 2022-06-10 | CVE-2022-32563 | Improper Certificate Validation vulnerability in Couchbase Sync Gateway 3.0.0/3.0.1 An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. | 9.8 |
| 2022-06-03 | CVE-2022-26493 | Improper Certificate Validation vulnerability in Drupal Saml SP 2.0 Single Sign on Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. | 8.8 |
| 2022-06-02 | CVE-2022-26491 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in Pidgin before 2.14.9. | 5.9 |
| 2022-06-02 | CVE-2022-27782 | Improper Certificate Validation vulnerability in multiple products libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. | 7.5 |