Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-23 | CVE-2020-4340 | Improper Certificate Validation vulnerability in IBM Security Secret Server 10.7/10.7.000059/10.8 IBM Security Secret Server prior to 10.9 could allow an attacker to bypass SSL security due to improper certificate validation. | 4.3 |
| 2020-09-16 | CVE-2020-6781 | Improper Certificate Validation vulnerability in Bosch Smart Home Improper certificate validation for certain connections in the Bosch Smart Home System App for iOS prior to version 9.17.1 potentially allows to intercept video contents by performing a man-in-the-middle attack. | 5.8 |
| 2020-09-16 | CVE-2020-2253 | Improper Certificate Validation vulnerability in Jenkins Email Extension Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server. | 4.8 |
| 2020-09-16 | CVE-2020-2252 | Improper Certificate Validation vulnerability in Jenkins Mailer Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server. | 4.8 |
| 2020-09-11 | CVE-2020-25276 | Improper Certificate Validation vulnerability in Primekey Ejbca 7.0.0/7.3.1.2 An issue was discovered in PrimeKey EJBCA 6.x and 7.x before 7.4.1. | 6.8 |
| 2020-09-11 | CVE-2018-19946 | Improper Certificate Validation vulnerability in Qnap Helpdesk The vulnerability have been reported to affect earlier versions of Helpdesk. | 4.3 |
| 2020-08-31 | CVE-2020-11617 | Improper Certificate Validation vulnerability in multiple products The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to modify the data delivered to the client. | 4.3 |
| 2020-08-27 | CVE-2020-24715 | Improper Certificate Validation vulnerability in Scalyr Agent The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, native Python code is used that lacks a comparison of the hostname to commonName and subjectAltName. | 6.8 |
| 2020-08-27 | CVE-2020-24714 | Improper Certificate Validation vulnerability in Scalyr Agent The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, the openssl binary is called without the -verify_hostname option. | 6.8 |
| 2020-08-26 | CVE-2020-24661 | Improper Certificate Validation vulnerability in multiple products GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. | 5.9 |