Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-27 | CVE-2020-26117 | Improper Certificate Validation vulnerability in multiple products In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. | 8.1 |
| 2020-09-24 | CVE-2016-11086 | Improper Certificate Validation vulnerability in Oauth-Ruby Project Oauth-Ruby lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information. | 7.4 |
| 2020-09-24 | CVE-2020-24560 | Improper Certificate Validation vulnerability in Trendmicro products An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. | 7.5 |
| 2020-09-23 | CVE-2020-4340 | Improper Certificate Validation vulnerability in IBM Security Secret Server IBM Security Secret Server prior to 10.9 could allow an attacker to bypass SSL security due to improper certificate validation. | 4.3 |
| 2020-09-22 | CVE-2020-24619 | Improper Certificate Validation vulnerability in Meltytech Shotcut In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of setPeerVerifyMode(QSslSocket::VerifyNone). | 5.9 |
| 2020-09-16 | CVE-2020-6781 | Improper Certificate Validation vulnerability in Bosch Smart Home Improper certificate validation for certain connections in the Bosch Smart Home System App for iOS prior to version 9.17.1 potentially allows to intercept video contents by performing a man-in-the-middle attack. | 7.4 |
| 2020-09-16 | CVE-2020-2253 | Improper Certificate Validation vulnerability in Jenkins Email Extension Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server. | 4.8 |
| 2020-09-16 | CVE-2020-2252 | Improper Certificate Validation vulnerability in Jenkins Mailer Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server. | 4.8 |
| 2020-09-11 | CVE-2020-25276 | Improper Certificate Validation vulnerability in Primekey Ejbca An issue was discovered in PrimeKey EJBCA 6.x and 7.x before 7.4.1. | 7.3 |
| 2020-09-11 | CVE-2018-19946 | Improper Certificate Validation vulnerability in Qnap Helpdesk The vulnerability have been reported to affect earlier versions of Helpdesk. | 5.9 |