Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-25 | CVE-2021-20328 | Improper Certificate Validation vulnerability in multiple products Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KMS server’s certificate. | 6.8 |
| 2021-02-25 | CVE-2021-20327 | Improper Certificate Validation vulnerability in Mongodb Libmongocrypt 1.2.0 A specific version of the Node.js mongodb-client-encryption module does not perform correct validation of the KMS server’s certificate. | 6.8 |
| 2021-02-23 | CVE-2021-27189 | Improper Certificate Validation vulnerability in Cira Canadian Shield The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation. | 5.9 |
| 2021-02-19 | CVE-2020-24393 | Improper Certificate Validation vulnerability in Tweetstream Project Tweetstream 2.6.1 TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. | 5.9 |
| 2021-02-19 | CVE-2020-24392 | Improper Certificate Validation vulnerability in Twitter-Stream Project Twitter-Stream 0.1.10 In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused). | 5.9 |
| 2021-02-17 | CVE-2021-26911 | Improper Certificate Validation vulnerability in multiple products core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode. | 7.4 |
| 2021-02-16 | CVE-2020-29457 | Improper Certificate Validation vulnerability in Opcfoundation Ua-.Netstandard A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection. | 4.4 |
| 2021-02-12 | CVE-2021-20649 | Improper Certificate Validation vulnerability in Elecom Wrc-300Febk-S Firmware ELECOM WRC-300FEBK-S contains an improper certificate validation vulnerability. | 4.8 |
| 2021-02-10 | CVE-2021-0341 | Improper Certificate Validation vulnerability in Google Android In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. | 7.5 |
| 2021-02-09 | CVE-2020-4791 | Improper Certificate Validation vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to obtain sensitive information using main in the middle attacks due to improper certificate validation. | 5.3 |