Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-16 | CVE-2020-2252 | Improper Certificate Validation vulnerability in Jenkins Mailer Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server. | 4.8 |
| 2020-09-11 | CVE-2020-25276 | Improper Certificate Validation vulnerability in Primekey Ejbca An issue was discovered in PrimeKey EJBCA 6.x and 7.x before 7.4.1. | 7.3 |
| 2020-09-11 | CVE-2018-19946 | Improper Certificate Validation vulnerability in Qnap Helpdesk The vulnerability have been reported to affect earlier versions of Helpdesk. | 5.9 |
| 2020-08-31 | CVE-2020-11617 | Improper Certificate Validation vulnerability in multiple products The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to modify the data delivered to the client. | 5.9 |
| 2020-08-27 | CVE-2020-24715 | Improper Certificate Validation vulnerability in Scalyr Agent The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, native Python code is used that lacks a comparison of the hostname to commonName and subjectAltName. | 9.8 |
| 2020-08-27 | CVE-2020-24714 | Improper Certificate Validation vulnerability in Scalyr Agent The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, the openssl binary is called without the -verify_hostname option. | 9.8 |
| 2020-08-26 | CVE-2020-24661 | Improper Certificate Validation vulnerability in multiple products GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. | 5.9 |
| 2020-08-26 | CVE-2020-5913 | Improper Certificate Validation vulnerability in F5 products In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, the BIG-IP Client or Server SSL profile ignores revoked certificates, even when a valid CRL is present. | 7.4 |
| 2020-08-26 | CVE-2019-18847 | Improper Certificate Validation vulnerability in Akamai Enterprise Application Access Enterprise Access Client Auto-Updater allows for Remote Code Execution prior to version 2.0.1. | 9.8 |
| 2020-08-26 | CVE-2020-15498 | Improper Certificate Validation vulnerability in Asus Rt-Ac1900P Firmware 3.0.0.4.385.10000/3.0.0.4.385.20252 An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. | 5.9 |