Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-15720 | Improper Certificate Validation vulnerability in Dogtagpki In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class did not enable python-requests certificate validation. | 6.8 |
| 2020-07-14 | CVE-2020-15719 | Improper Certificate Validation vulnerability in multiple products libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. | 4.2 |
| 2020-07-09 | CVE-2020-15526 | Improper Certificate Validation vulnerability in Red-Gate SQL Monitor In Redgate SQL Monitor 7.1.4 through 10.1.6 (inclusive), the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration > Notifications pages to disable certificate checking for alert notifications. | 5.9 |
| 2020-07-09 | CVE-2020-12421 | Improper Certificate Validation vulnerability in multiple products When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user. | 6.5 |
| 2020-07-02 | CVE-2019-20894 | Improper Certificate Validation vulnerability in Traefik 2.0.0 Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred. | 7.5 |
| 2020-07-02 | CVE-2020-5909 | Improper Certificate Validation vulnerability in F5 Nginx Controller In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified. | 5.4 |
| 2020-06-25 | CVE-2020-15047 | Improper Certificate Validation vulnerability in Trojita Project Trojita MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers. | 5.9 |
| 2020-06-23 | CVE-2020-5367 | Improper Certificate Validation vulnerability in Dell products Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. | 8.1 |
| 2020-06-22 | CVE-2020-14981 | Improper Certificate Validation vulnerability in Vipre Password Vault 1.100.1090 The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS has Missing SSL Certificate Validation. | 5.9 |
| 2020-06-22 | CVE-2020-14980 | Improper Certificate Validation vulnerability in Sophos Secure Email 3.9.4 The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate Validation. | 5.9 |