Vulnerabilities > Improper Certificate Validation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-27 | CVE-2020-24714 | Improper Certificate Validation vulnerability in Scalyr Agent The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, the openssl binary is called without the -verify_hostname option. | 6.8 |
2020-08-26 | CVE-2020-24661 | Improper Certificate Validation vulnerability in multiple products GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. | 5.9 |
2020-08-26 | CVE-2020-5913 | Improper Certificate Validation vulnerability in F5 products In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, the BIG-IP Client or Server SSL profile ignores revoked certificates, even when a valid CRL is present. | 7.4 |
2020-08-26 | CVE-2019-18847 | Improper Certificate Validation vulnerability in Akamai Enterprise Application Access Enterprise Access Client Auto-Updater allows for Remote Code Execution prior to version 2.0.1. | 7.5 |
2020-08-26 | CVE-2020-15498 | Improper Certificate Validation vulnerability in Asus Rt-Ac1900P Firmware 3.0.0.4.385.10000/3.0.0.4.385.20252 An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. | 4.3 |
2020-08-25 | CVE-2020-16197 | Improper Certificate Validation vulnerability in Octopus Server and Server An issue was discovered in Octopus Deploy 3.4. | 4.0 |
2020-08-24 | CVE-2020-24613 | Improper Certificate Validation vulnerability in Wolfssl wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls13MsgReceived() in tls13.c. | 4.9 |
2020-08-20 | CVE-2020-12619 | Improper Certificate Validation vulnerability in Freron Mailmate MailMate before 1.11 automatically imported S/MIME certificates and thereby silently replaced existing ones. | 4.3 |
2020-08-20 | CVE-2020-12618 | Improper Certificate Validation vulnerability in Emclient EM Client eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently replaced existing ones. | 5.8 |
2020-08-10 | CVE-2020-9525 | Improper Certificate Validation vulnerability in Cs2-Network P2P CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices. | 6.8 |