Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-04 | CVE-2022-24901 | Improper Certificate Validation vulnerability in Parseplatform Parse-Server Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. | 7.5 |
| 2022-05-03 | CVE-2022-1343 | Improper Certificate Validation vulnerability in multiple products The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. | 5.3 |
| 2022-04-22 | CVE-2021-3898 | Improper Certificate Validation vulnerability in Motorola Device Help and Ready for Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08 do not properly verify the server certificate which could lead to the communication channel being accessible by an attacker. | 6.5 |
| 2022-04-20 | CVE-2022-27536 | Improper Certificate Validation vulnerability in Golang GO 1.18.0 Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. | 7.5 |
| 2022-04-12 | CVE-2022-22549 | Improper Certificate Validation vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. | 8.1 |
| 2022-04-11 | CVE-2022-20071 | Improper Certificate Validation vulnerability in Google Android 11.0/12.0 In ccu, there is a possible escalation of privilege due to a missing certificate validation. | 6.7 |
| 2022-04-11 | CVE-2022-20081 | Improper Certificate Validation vulnerability in Google Android 10.0/11.0/12.0 In A-GPS, there is a possible man in the middle attack due to improper certificate validation. | 5.9 |
| 2022-04-02 | CVE-2022-28352 | Improper Certificate Validation vulnerability in Weechat WeeChat (aka Wee Enhanced Environment for Chat) 3.2 to 3.4 before 3.4.1 does not properly verify the TLS certificate of the server, after certain GnuTLS options are changed, which allows man-in-the-middle attackers to spoof a TLS chat server via an arbitrary certificate. | 4.8 |
| 2022-03-29 | CVE-2022-28142 | Improper Certificate Validation vulnerability in Jenkins Proxmox Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues. | 7.5 |
| 2022-03-28 | CVE-2022-0123 | Improper Certificate Validation vulnerability in Gitlab An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. | 6.8 |