Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-18 | CVE-2021-23167 | Improper Certificate Validation vulnerability in Gallagher Command Centre Improper certificate validation vulnerability in SMTP Client allows man-in-the-middle attack to retrieve sensitive information from the Command Centre Server. | 6.8 |
| 2021-11-16 | CVE-2021-26320 | Improper Certificate Validation vulnerability in AMD products Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP | 5.5 |
| 2021-11-02 | CVE-2021-41019 | Improper Certificate Validation vulnerability in Fortinet Fortios An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials. | 6.5 |
| 2021-11-02 | CVE-2021-29737 | Improper Certificate Validation vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7 ) component has improper validation of the REST API server certificate. | 7.5 |
| 2021-10-28 | CVE-2021-22278 | Improper Certificate Validation vulnerability in ABB Update Manager A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed. | 6.7 |
| 2021-10-27 | CVE-2021-36756 | Improper Certificate Validation vulnerability in Northern.Tech Cfengine CFEngine Enterprise 3.15.0 through 3.15.4 has Missing SSL Certificate Validation. | 6.5 |
| 2021-10-18 | CVE-2021-41611 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. | 7.5 |
| 2021-10-13 | CVE-2021-20833 | Improper Certificate Validation vulnerability in Soda-Inc Snkrdunk The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate. | 7.4 |
| 2021-10-12 | CVE-2021-25634 | Improper Certificate Validation vulnerability in multiple products LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. | 7.5 |
| 2021-10-11 | CVE-2021-25633 | Improper Certificate Validation vulnerability in multiple products LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. | 7.5 |