Vulnerabilities > Improper Certificate Validation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-23 | CVE-2021-27189 | Improper Certificate Validation vulnerability in Cira Canadian Shield The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation. | 5.9 |
2021-02-19 | CVE-2020-24393 | Improper Certificate Validation vulnerability in Tweetstream Project Tweetstream 2.6.1 TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. | 5.9 |
2021-02-19 | CVE-2020-24392 | Improper Certificate Validation vulnerability in Twitter-Stream Project Twitter-Stream 0.1.10 In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused). | 5.9 |
2021-02-17 | CVE-2021-26911 | Improper Certificate Validation vulnerability in multiple products core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode. | 7.4 |
2021-02-16 | CVE-2020-29457 | Improper Certificate Validation vulnerability in Opcfoundation Ua-.Netstandard A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection. | 4.4 |
2021-02-12 | CVE-2021-20649 | Improper Certificate Validation vulnerability in Elecom Wrc-300Febk-S Firmware ELECOM WRC-300FEBK-S contains an improper certificate validation vulnerability. | 4.8 |
2021-02-10 | CVE-2021-0341 | Improper Certificate Validation vulnerability in Google Android In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. | 7.5 |
2021-02-09 | CVE-2020-4791 | Improper Certificate Validation vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to obtain sensitive information using main in the middle attacks due to improper certificate validation. | 5.3 |
2021-02-06 | CVE-2020-5812 | Improper Certificate Validation vulnerability in Tenable Nessus Amazon Machine Image 8.12.0 Nessus AMI versions 8.12.0 and earlier were found to either not validate, or incorrectly validate, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. | 5.9 |
2021-02-04 | CVE-2021-1354 | Improper Certificate Validation vulnerability in Cisco Unified Computing System Central Software A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an authenticated, adjacent attacker to register a rogue Cisco Unified Computing System Manager (UCSM). | 3.5 |