Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-23 | CVE-2020-5864 | Improper Certificate Validation vulnerability in F5 Nginx Controller In versions of NGINX Controller prior to 3.2.0, communication between NGINX Controller and NGINX Plus instances skip TLS verification by default. | 7.4 |
| 2020-04-23 | CVE-2020-11806 | Improper Certificate Validation vulnerability in Mailstore Server In MailStore Outlook Add-in (and Email Archive Outlook Add-in) through 12.1.2, the login process does not validate the validity of the certificate presented by the server. | 5.9 |
| 2020-04-15 | CVE-2020-11792 | Improper Certificate Validation vulnerability in Netgear products NETGEAR R8900, R9000, RAX120, and XR700 devices before 2020-01-20 are affected by Transport Layer Security (TLS) certificate private key disclosure. | 7.5 |
| 2020-04-15 | CVE-2019-4654 | Improper Certificate Validation vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.3.0 to 7.3.3 Patch 2 does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. | 4.8 |
| 2020-04-09 | CVE-2020-7922 | Improper Certificate Validation vulnerability in Mongodb Enterprise Kubernetes Operator X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes cluster improper access to MongoDB instances. | 6.5 |
| 2020-04-06 | CVE-2020-11580 | Improper Certificate Validation vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. | 9.1 |
| 2020-03-30 | CVE-2019-17560 | Improper Certificate Validation vulnerability in multiple products The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. | 9.1 |
| 2020-03-18 | CVE-2019-3762 | Improper Certificate Validation vulnerability in Dell products Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. | 7.5 |
| 2020-03-18 | CVE-2019-11688 | Improper Certificate Validation vulnerability in Asustor Exfat Driver 1.0.0 An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. | 7.4 |
| 2020-03-18 | CVE-2020-10659 | Improper Certificate Validation vulnerability in Entrustdatacard Entelligence Security Provider Entrust Entelligence Security Provider (ESP) before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where (for example) a user continues to interact with a web site that has an invalid certificate chain. | 4.3 |