Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-13 | CVE-2010-4532 | Improper Certificate Validation vulnerability in multiple products offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks. | 4.3 |
| 2019-11-13 | CVE-2014-8167 | Improper Certificate Validation vulnerability in Redhat products vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack | 4.3 |
| 2019-11-12 | CVE-2014-7143 | Improper Certificate Validation vulnerability in Twistedmatrix Twisted 14.0.0 Python Twisted 14.0 trustRoot is not respected in HTTP client | 5.0 |
| 2019-11-09 | CVE-2009-3552 | Improper Certificate Validation vulnerability in Redhat Enterprise Virtualization Manager 2.2 In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. | 2.9 |
| 2019-11-08 | CVE-2019-16209 | Improper Certificate Validation vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1 A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer(SSL)connections. | 5.8 |
| 2019-11-05 | CVE-2019-3685 | Improper Certificate Validation vulnerability in Opensuse Open Build Service Open Build Service before version 0.165.4 diddn't validate TLS certificates for HTTPS connections with the osc client binary | 6.8 |
| 2019-11-01 | CVE-2013-2255 | Improper Certificate Validation vulnerability in multiple products HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates. | 4.3 |
| 2019-10-30 | CVE-2019-18633 | Improper Certificate Validation vulnerability in Europa Eidas-Node Integration Package 2.1 European Commission eIDAS-Node Integration Package before 2.3.1 has Missing Certificate Validation because a certain ExplicitKeyTrustEvaluator return value is not checked. | 7.5 |
| 2019-10-30 | CVE-2019-18632 | Improper Certificate Validation vulnerability in Europa Eidas-Node Integration Package European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate. | 7.5 |
| 2019-10-30 | CVE-2018-21029 | Improper Certificate Validation vulnerability in multiple products systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. | 9.8 |