Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-05 | CVE-2021-22926 | Improper Certificate Validation vulnerability in multiple products libcurl-using applications can ask for a specific client certificate to be used in a transfer. | 7.5 |
| 2021-08-05 | CVE-2021-32581 | Improper Certificate Validation vulnerability in Acronis products Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation. | 8.1 |
| 2021-07-30 | CVE-2021-35193 | Improper Certificate Validation vulnerability in Pattersondental Eaglesoft Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations (that have the same software version). | 7.5 |
| 2021-07-26 | CVE-2020-12681 | Improper Certificate Validation vulnerability in 3Xlogic Infinias Eidc32 Firmware 2.213/3.4.125 Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied. | 7.5 |
| 2021-07-19 | CVE-2020-36425 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in Arm Mbed TLS before 2.24.0. | 5.3 |
| 2021-07-17 | CVE-2021-32574 | Improper Certificate Validation vulnerability in Hashicorp Consul HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. | 7.5 |
| 2021-07-15 | CVE-2021-34558 | Improper Certificate Validation vulnerability in multiple products The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic. | 6.5 |
| 2021-07-13 | CVE-2021-32755 | Improper Certificate Validation vulnerability in Wire Wire is a collaboration platform. | 4.3 |
| 2021-07-12 | CVE-2021-32727 | Improper Certificate Validation vulnerability in Nextcloud Nextcloud Android Client is the Android client for Nextcloud. | 7.5 |
| 2021-07-12 | CVE-2021-36377 | Improper Certificate Validation vulnerability in multiple products Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation. | 7.5 |