Vulnerabilities > Improper Certificate Validation

DATE CVE VULNERABILITY TITLE RISK
2021-11-22 CVE-2021-3935 Improper Certificate Validation vulnerability in multiple products
When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption.
network
high complexity
pgbouncer redhat fedoraproject debian CWE-295
8.1
2021-11-18 CVE-2021-23155 Improper Certificate Validation vulnerability in Gallagher Command Centre Mobile Client
Improper validation of the cloud certificate chain in Mobile Client allows a man-in-the-middle attacker to impersonate the legitimate Command Centre Server.
network
high complexity
gallagher CWE-295
6.8
2021-11-18 CVE-2021-23162 Improper Certificate Validation vulnerability in Gallagher Command Centre Mobile Connect
Improper validation of the cloud certificate chain in Mobile Connect allows a man-in-the-middle attacker to impersonate the legitimate Command Centre Server.
network
high complexity
gallagher CWE-295
8.1
2021-11-18 CVE-2021-23167 Improper Certificate Validation vulnerability in Gallagher Command Centre
An improper certificate validation vulnerability in SMTP Client allows a man-in-the-middle attacker to retrieve sensitive information from the Command Centre Server.
network
high complexity
gallagher CWE-295
6.8
2021-11-16 CVE-2021-26320 Improper Certificate Validation vulnerability in AMD products
Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP.
local
low complexity
amd CWE-295
5.5
2021-11-02 CVE-2021-41019 Improper Certificate Validation vulnerability in Fortinet Fortios
An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials.
network
low complexity
fortinet CWE-295
6.5
2021-11-02 CVE-2021-29737 Improper Certificate Validation vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7) component has improper validation of the REST API server certificate.
network
low complexity
ibm CWE-295
7.5
2021-10-28 CVE-2021-22278 Improper Certificate Validation vulnerability in ABB Update Manager
A certificate validation vulnerability in PCM600 Update Manager allows an attacker to get unwanted software packages installed on a computer that has PCM600 installed.
local
low complexity
abb CWE-295
6.7
2021-10-27 CVE-2021-36756 Improper Certificate Validation vulnerability in Northern.Tech Cfengine
CFEngine Enterprise 3.15.0 through 3.15.4 has Missing SSL Certificate Validation.
network
low complexity
northern-tech CWE-295
6.5
2021-10-18 CVE-2021-41611 Improper Certificate Validation vulnerability in multiple products
An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2.
network
low complexity
squid-cache fedoraproject CWE-295
7.5