Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-26 | CVE-2020-13615 | Improper Certificate Validation vulnerability in Qore lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates. | 5.9 |
| 2020-05-26 | CVE-2020-13614 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in ssl.c in Axel before 2.17.8. | 5.9 |
| 2020-05-25 | CVE-2020-13482 | Improper Certificate Validation vulnerability in multiple products EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. | 7.4 |
| 2020-05-21 | CVE-2020-1113 | Improper Certificate Validation vulnerability in Microsoft products A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature Bypass Vulnerability'. | 7.5 |
| 2020-05-19 | CVE-2020-13163 | Improper Certificate Validation vulnerability in Em-Imap Project Em-Imap 0.5 em-imap 0.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. | 7.4 |
| 2020-05-15 | CVE-2020-1758 | Improper Certificate Validation vulnerability in Redhat Keycloak A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using the SMTP server. | 5.9 |
| 2020-05-12 | CVE-2020-8156 | Improper Certificate Validation vulnerability in multiple products A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack. | 7.0 |
| 2020-05-11 | CVE-2020-10059 | Improper Certificate Validation vulnerability in Zephyrproject Zephyr 2.1.0/2.2.0 The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. | 4.8 |
| 2020-05-09 | CVE-2020-12637 | Improper Certificate Validation vulnerability in Zulipchat Zulip Desktop Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option. | 9.8 |
| 2020-05-07 | CVE-2020-11050 | Improper Certificate Validation vulnerability in Java-Websocket Project Java-Websocket In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. | 8.1 |