Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-03 | CVE-2024-0853 | Improper Certificate Validation vulnerability in Haxx Curl 8.5.0 curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP stapling*) test failed. | 5.3 |
| 2024-02-02 | CVE-2020-29504 | Improper Certificate Validation vulnerability in Dell products Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Missing Required Cryptographic Step Vulnerability. | 9.8 |
| 2024-01-31 | CVE-2023-28807 | Improper Certificate Validation vulnerability in Zscaler Secure Internet and Saas Access In Zscaler Internet Access (ZIA) a mismatch between Connect Host and Client Hello's Server Name Indication (SNI) enables attackers to evade network security controls by hiding their communications within legitimate traffic. | 7.5 |
| 2024-01-31 | CVE-2023-50356 | Improper Certificate Validation vulnerability in Areal-Topkapi Vision Server 6.2.4718 SSL connections to some LDAP servers are vulnerable to a man-in-the-middle attack due to improper certificate validation in AREAL Topkapi Vision (Server). | 6.5 |
| 2024-01-30 | CVE-2023-51837 | Improper Certificate Validation vulnerability in Meshcentral 1.1.16 Ylianst MeshCentral 1.1.16 is vulnerable to Missing SSL Certificate Validation. | 9.8 |
| 2024-01-25 | CVE-2023-33757 | Improper Certificate Validation vulnerability in Splicecom Ipcs and Ipcs2 A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and before, and iPCS (Android App) v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack. | 5.9 |
| 2024-01-25 | CVE-2023-33760 | Improper Certificate Validation vulnerability in Splicecom Maximiser Soft PBX SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. | 5.3 |
| 2024-01-19 | CVE-2023-6043 | Improper Certificate Validation vulnerability in Lenovo Vantage A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and execute arbitrary code with elevated privileges. | 7.8 |
| 2023-12-22 | CVE-2023-51662 | Improper Certificate Validation vulnerability in Snowflake Connector The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications. | 7.5 |
| 2023-12-21 | CVE-2023-5594 | Improper Certificate Validation vulnerability in Eset products Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted. | 8.6 |