Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-22 | CVE-2021-39360 | Improper Certificate Validation vulnerability in multiple products In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. | 5.9 |
| 2021-08-22 | CVE-2021-39361 | Improper Certificate Validation vulnerability in Gnome Evolution-Rss In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. | 5.9 |
| 2021-08-19 | CVE-2021-37698 | Improper Certificate Validation vulnerability in multiple products Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. | 7.5 |
| 2021-08-16 | CVE-2021-22939 | Improper Certificate Validation vulnerability in multiple products If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. | 5.3 |
| 2021-08-13 | CVE-2021-32069 | Improper Certificate Validation vulnerability in Mitel Micollab The AWV component of Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack due to improper TLS negotiation. | 4.8 |
| 2021-08-13 | CVE-2021-31399 | Improper Certificate Validation vulnerability in 2N Access Unit 2.0 Firmware 2.31.0.40.5 On 2N Access Unit 2.0 2.31.0.40.5 devices, an attacker can pose as the web relay for a man-in-the-middle attack. | 5.9 |
| 2021-08-05 | CVE-2021-22926 | Improper Certificate Validation vulnerability in multiple products libcurl-using applications can ask for a specific client certificate to be used in a transfer. | 7.5 |
| 2021-08-05 | CVE-2021-32581 | Improper Certificate Validation vulnerability in Acronis products Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation. | 8.1 |
| 2021-07-30 | CVE-2021-35193 | Improper Certificate Validation vulnerability in Pattersondental Eaglesoft Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations (that have the same software version). | 7.5 |
| 2021-07-26 | CVE-2020-12681 | Improper Certificate Validation vulnerability in 3Xlogic Infinias Eidc32 Firmware 2.213/3.4.125 Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied. | 7.5 |