Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-07 | CVE-2020-36127 | Improper Certificate Validation vulnerability in Paxtechnology Paxstore 7.0.820200511171508 Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by an information disclosure vulnerability. | 6.5 |
| 2021-04-26 | CVE-2021-20695 | Improper Certificate Validation vulnerability in Dlink Dap-1880Ac Firmware 1.21 Improper following of a certificate's chain of trust vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to gain root privileges via unspecified vectors. | 8.8 |
| 2021-04-23 | CVE-2021-31597 | Improper Certificate Validation vulnerability in Xmlhttprequest-Ssl Project Xmlhttprequest-Ssl The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. | 9.4 |
| 2021-04-22 | CVE-2021-29653 | Improper Certificate Validation vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude revoked but unexpired certificates from the CRL. | 7.5 |
| 2021-04-22 | CVE-2021-27400 | Improper Certificate Validation vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise Cassandra integrations (storage backend and database secrets engine plugin) did not validate TLS certificates when connecting to Cassandra clusters. | 7.5 |
| 2021-04-13 | CVE-2021-3460 | Improper Certificate Validation vulnerability in Motorola Mh702X Firmware The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server certificate during communication with the support server which could lead to the communication channel being accessible by an attacker. | 9.8 |
| 2021-04-12 | CVE-2020-7924 | Improper Certificate Validation vulnerability in Mongodb Database Tools and Mongomirror Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. | 6.5 |
| 2021-04-08 | CVE-2021-22511 | Improper Certificate Validation vulnerability in Microfocus Application Automation Tools Improper Certificate Validation vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. | 6.5 |
| 2021-04-06 | CVE-2021-27899 | Improper Certificate Validation vulnerability in Proofpoint Insider Threat Management The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux perform improper validation of the ITM Server's certificate, which enables a remote attacker to intercept and alter these communications using a man-in-the-middle attack. | 7.4 |
| 2021-03-26 | CVE-2021-21374 | Improper Certificate Validation vulnerability in Nim-Lang NIM Nimble is a package manager for the Nim programming language. | 8.1 |