Vulnerabilities > Improper Certificate Validation

DATE CVE VULNERABILITY TITLE RISK
2023-10-04 CVE-2023-4586 Improper Certificate Validation vulnerability in multiple products
A vulnerability was found in the Hot Rod client.
network
high complexity
redhat infinispan CWE-295
7.4
2023-09-21 CVE-2023-41991 Improper Certificate Validation vulnerability in Apple Iphone OS and Macos
A certificate validation issue was addressed.
local
low complexity
apple CWE-295
5.5
2023-09-19 CVE-2023-38351 Improper Certificate Validation vulnerability in Minitool Partition Wizard 12.8
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack.
network
high complexity
minitool CWE-295
8.1
2023-09-19 CVE-2023-38352 Improper Certificate Validation vulnerability in Minitool Partition Wizard 12.8
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack.
network
high complexity
minitool CWE-295
8.1
2023-09-19 CVE-2023-38353 Improper Certificate Validation vulnerability in Minitool Power Data Recovery 11.5/11.6
MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack.
network
high complexity
minitool CWE-295
5.9
2023-09-19 CVE-2023-38354 Improper Certificate Validation vulnerability in Minitool Shadowmaker 4.1
MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
network
high complexity
minitool CWE-295
8.1
2023-09-19 CVE-2023-38355 Improper Certificate Validation vulnerability in Minitool Movie Maker 7.0
MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
network
high complexity
minitool CWE-295
8.1
2023-09-19 CVE-2023-38356 Improper Certificate Validation vulnerability in Minitool Power Data Recovery 11.6
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
network
high complexity
minitool CWE-295
8.1
2023-09-13 CVE-2023-4801 Improper Certificate Validation vulnerability in Proofpoint Insider Threat Management
An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered.
high complexity
proofpoint CWE-295
7.5
2023-09-11 CVE-2023-35845 Improper Certificate Validation vulnerability in Anaconda Anaconda3 2023.031
Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying the cacert.pem file used by the installed pip program.
local
high complexity
anaconda CWE-295
4.7