Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-29 | CVE-2021-3336 | Improper Certificate Validation vulnerability in Wolfssl DoTls13CertificateVerify in tls13.c in wolfSSL before 4.7.0 does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding certificate). | 8.1 |
| 2021-01-26 | CVE-2021-3309 | Improper Certificate Validation vulnerability in Wekan Project Wekan packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store, | 8.1 |
| 2021-01-26 | CVE-2021-3285 | Improper Certificate Validation vulnerability in TI Code Composer Studio Intgrated Development Environment jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS. | 5.3 |
| 2021-01-20 | CVE-2021-1277 | Improper Certificate Validation vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. | 6.5 |
| 2021-01-20 | CVE-2021-1276 | Improper Certificate Validation vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. | 6.5 |
| 2021-01-15 | CVE-2021-3162 | Improper Certificate Validation vulnerability in Docker Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation. | 7.8 |
| 2021-01-15 | CVE-2020-35733 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in Erlang/OTP before 23.2.2. | 7.5 |
| 2021-01-11 | CVE-2020-24025 | Improper Certificate Validation vulnerability in Sass-Lang Node-Sass Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path. | 5.3 |
| 2021-01-07 | CVE-2020-25680 | Improper Certificate Validation vulnerability in Redhat Jboss Core Services Httpd 2.4.37 A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file's ID is 'unknown'. | 5.4 |
| 2020-12-30 | CVE-2019-16281 | Improper Certificate Validation vulnerability in Ptarmigan Project Ptarmigan 0.2.0/0.2.1/0.2.2 Ptarmigan before 0.2.3 lacks API token validation, e.g., an "if (token === apiToken) {return true;} return false;" code block. | 7.5 |