Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-29 | CVE-2020-27649 | Improper Certificate Validation vulnerability in Synology Router Manager Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 9.0 |
| 2020-10-29 | CVE-2020-27648 | Improper Certificate Validation vulnerability in Synology Diskstation Manager and Skynas Firmware Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 9.0 |
| 2020-10-27 | CVE-2019-8531 | Improper Certificate Validation vulnerability in Apple mac OS X A validation issue existed in Trust Anchor Management. | 9.8 |
| 2020-10-27 | CVE-2019-8642 | Improper Certificate Validation vulnerability in Apple mac OS X An issue existed in the handling of S-MIME certificates. | 3.3 |
| 2020-10-22 | CVE-2019-17007 | Improper Certificate Validation vulnerability in multiple products In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service. | 7.5 |
| 2020-10-22 | CVE-2020-9868 | Improper Certificate Validation vulnerability in Apple products A certificate validation issue existed when processing administrator added certificates. | 9.1 |
| 2020-10-21 | CVE-2020-3557 | Improper Certificate Validation vulnerability in Cisco Firepower Management Center A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 5.3 |
| 2020-10-20 | CVE-2020-3994 | Improper Certificate Validation vulnerability in VMWare Cloud Foundation and Vcenter Server VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. | 7.4 |
| 2020-10-16 | CVE-2020-1675 | Improper Certificate Validation vulnerability in Juniper Mist Cloud UI When Security Assertion Markup Language (SAML) authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. | 8.3 |
| 2020-10-09 | CVE-2020-13955 | Improper Certificate Validation vulnerability in Apache Calcite HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. | 5.9 |