Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-27 | CVE-2020-5521 | Improper Certificate Validation vulnerability in Fujixerox Easy Netprint The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 7.4 |
| 2020-01-27 | CVE-2020-5520 | Improper Certificate Validation vulnerability in Fujixerox Netprint The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 7.4 |
| 2020-01-27 | CVE-2017-14806 | Improper Certificate Validation vulnerability in Suse Studio Onsite and Susestudio-Ui-Server A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. | 5.9 |
| 2020-01-21 | CVE-2011-2669 | Improper Certificate Validation vulnerability in Mozilla Firefox Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates. | 6.5 |
| 2020-01-17 | CVE-2020-3940 | Improper Certificate Validation vulnerability in VMWare products VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability. | 5.9 |
| 2020-01-15 | CVE-2020-1929 | Improper Certificate Validation vulnerability in Apache Beam The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. | 7.5 |
| 2020-01-15 | CVE-2012-1316 | Improper Certificate Validation vulnerability in Cisco Ironport web Security Appliance Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks | 5.9 |
| 2020-01-14 | CVE-2020-0601 | Improper Certificate Validation vulnerability in multiple products A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'. | 8.1 |
| 2020-01-02 | CVE-2014-0161 | Improper Certificate Validation vulnerability in Ovirt-Engine-Sdk-Python Project Ovirt-Engine-Sdk-Python ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name (CN) or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. | 5.9 |
| 2020-01-02 | CVE-2014-0104 | Improper Certificate Validation vulnerability in Clusterlabs Fence-Agents In fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script which can potentially allow for man-in-the-middle attackers to spoof SSL servers via arbitrary SSL certificates. | 5.9 |