Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-29 | CVE-2020-27648 | Improper Certificate Validation vulnerability in Synology Diskstation Manager and Skynas Firmware Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 6.8 |
| 2020-10-27 | CVE-2019-8642 | Improper Certificate Validation vulnerability in Apple mac OS X An issue existed in the handling of S-MIME certificates. | 4.3 |
| 2020-10-22 | CVE-2019-17007 | Improper Certificate Validation vulnerability in multiple products In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service. | 5.0 |
| 2020-10-22 | CVE-2020-9868 | Improper Certificate Validation vulnerability in Apple products A certificate validation issue existed when processing administrator added certificates. | 9.1 |
| 2020-10-21 | CVE-2020-3557 | Improper Certificate Validation vulnerability in Cisco Firepower Management Center A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 5.3 |
| 2020-10-20 | CVE-2020-3994 | Improper Certificate Validation vulnerability in VMWare Cloud Foundation and Vcenter Server VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. | 5.8 |
| 2020-10-16 | CVE-2020-1675 | Improper Certificate Validation vulnerability in Juniper Mist Cloud UI When Security Assertion Markup Language (SAML) authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. | 4.3 |
| 2020-09-27 | CVE-2020-26117 | Improper Certificate Validation vulnerability in multiple products In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. | 8.1 |
| 2020-09-24 | CVE-2020-24560 | Improper Certificate Validation vulnerability in Trendmicro products An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. | 5.0 |
| 2020-09-24 | CVE-2020-15604 | Improper Certificate Validation vulnerability in Trendmicro products An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. | 5.0 |