Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-27 | CVE-2019-8531 | Improper Certificate Validation vulnerability in Apple mac OS X A validation issue existed in Trust Anchor Management. | 9.8 |
| 2020-10-27 | CVE-2019-8642 | Improper Certificate Validation vulnerability in Apple mac OS X An issue existed in the handling of S-MIME certificates. | 3.3 |
| 2020-10-22 | CVE-2019-17007 | Improper Certificate Validation vulnerability in multiple products In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service. | 7.5 |
| 2020-10-22 | CVE-2020-9868 | Improper Certificate Validation vulnerability in Apple products A certificate validation issue existed when processing administrator added certificates. | 9.1 |
| 2020-10-21 | CVE-2020-3557 | Improper Certificate Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 5.3 |
| 2020-10-20 | CVE-2020-3994 | Improper Certificate Validation vulnerability in VMWare Cloud Foundation and Vcenter Server VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. | 7.4 |
| 2020-10-09 | CVE-2020-13955 | Improper Certificate Validation vulnerability in Apache Calcite HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. | 5.9 |
| 2020-09-27 | CVE-2020-26117 | Improper Certificate Validation vulnerability in multiple products In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. | 8.1 |
| 2020-09-24 | CVE-2016-11086 | Improper Certificate Validation vulnerability in Oauth-Ruby Project Oauth-Ruby lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information. | 7.4 |
| 2020-09-24 | CVE-2020-24560 | Improper Certificate Validation vulnerability in Trendmicro products An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. | 7.5 |