Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-27 | CVE-2020-5522 | Improper Certificate Validation vulnerability in Fujixerox Easy Netprint 2.0.3 The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
| 2020-01-27 | CVE-2020-5521 | Improper Certificate Validation vulnerability in Fujixerox Easy Netprint The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
| 2020-01-27 | CVE-2020-5520 | Improper Certificate Validation vulnerability in Fujixerox Netprint The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
| 2020-01-27 | CVE-2017-14806 | Improper Certificate Validation vulnerability in Suse Studio Onsite and Susestudio-Ui-Server A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. | 5.9 |
| 2020-01-21 | CVE-2011-2669 | Improper Certificate Validation vulnerability in Mozilla Firefox Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates. | 4.3 |
| 2020-01-17 | CVE-2020-3940 | Improper Certificate Validation vulnerability in VMWare products VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability. | 4.3 |
| 2020-01-15 | CVE-2020-1929 | Improper Certificate Validation vulnerability in Apache Beam 2.10.0/2.16.0 The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. | 5.0 |
| 2020-01-15 | CVE-2012-1316 | Improper Certificate Validation vulnerability in Cisco Ironport web Security Appliance Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks | 4.3 |
| 2020-01-14 | CVE-2020-0601 | Improper Certificate Validation vulnerability in multiple products A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'. | 5.8 |
| 2020-01-02 | CVE-2014-0161 | Improper Certificate Validation vulnerability in Ovirt-Engine-Sdk-Python Project Ovirt-Engine-Sdk-Python ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name (CN) or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. | 4.3 |