Vulnerabilities > Improper Certificate Validation

DATE CVE VULNERABILITY TITLE RISK
2024-07-11 CVE-2024-28872 Improper Certificate Validation vulnerability in ISC Stork
The TLS certificate validation code is flawed.
network
high complexity
isc CWE-295
8.1
2024-07-09 CVE-2024-37865 Improper Certificate Validation vulnerability in S3Browser S3 Browser
An issue in S3Browser v.11.4.5 and v.10.9.9 and fixed in v.11.5.7 allows a remote attacker to obtain sensitive information via the S3 compatible storage component.
network
high complexity
s3browser CWE-295
5.9
2024-07-09 CVE-2024-39698 Improper Certificate Validation vulnerability in Electron Electron-Builder
electron-updater allows for automatic updates for Electron apps.
network
high complexity
electron CWE-295
7.5
2024-06-11 CVE-2024-28021 Improper Certificate Validation vulnerability in Hitachienergy Foxman-Un, Foxman UN and Unem
A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism’s certificate validation.
network
high complexity
hitachienergy CWE-295
7.4
2024-05-16 CVE-2024-35299 Improper Certificate Validation vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper certificate hostname validation
network
low complexity
jetbrains CWE-295
7.5
2024-05-08 CVE-2024-33612 Improper Certificate Validation vulnerability in F5 Big-Ip Next Central Manager 20.1.0
An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may allow an attacker to impersonate an Instance Provider system.
network
high complexity
f5 CWE-295
8.0
2024-05-07 CVE-2024-0042 Improper Certificate Validation vulnerability in Google Android
In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used crypto.
local
low complexity
google CWE-295
7.8
2024-04-09 CVE-2024-29050 Improper Certificate Validation vulnerability in Microsoft products
Windows Cryptographic Services Remote Code Execution Vulnerability
local
low complexity
microsoft CWE-295
7.8
2024-04-01 CVE-2024-27323 Improper Certificate Validation vulnerability in Pdf-Xchange Pdf-Tools and Pdf-Xchange Editor
PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability.
high complexity
pdf-xchange CWE-295
7.5
2024-03-07 CVE-2024-1351 Improper Certificate Validation vulnerability in multiple products
Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer certificate validation which may result in untrusted connections to succeed.
network
low complexity
mongodb netapp CWE-295
critical
9.8