Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-03 | CVE-2018-12087 | Improper Certificate Validation vulnerability in Opcfoundation Ua-.Net-Legacy and Ua-.Netstandard Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords. | 5.3 |
| 2018-10-02 | CVE-2018-1509 | Improper Certificate Validation vulnerability in IBM Security Guardium 10.5 IBM Security Guardium EcoSystem 10.5 does not validate, or incorrectly validates, a certificate.This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. | 7.4 |
| 2018-09-26 | CVE-2018-17215 | Improper Certificate Validation vulnerability in Postman An information-disclosure issue was discovered in Postman through 6.3.0. | 8.1 |
| 2018-09-14 | CVE-2018-11087 | Improper Certificate Validation vulnerability in multiple products Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. | 5.9 |
| 2018-09-13 | CVE-2018-8479 | Improper Certificate Validation vulnerability in Microsoft products A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK. | 5.6 |
| 2018-09-11 | CVE-2018-15898 | Improper Certificate Validation vulnerability in Subsonic Music Streamer 4.4 The Subsonic Music Streamer application 4.4 for Android has Improper Certificate Validation of the Subsonic server certificate, which might allow man-in-the-middle attackers to obtain interaction data. | 5.9 |
| 2018-09-11 | CVE-2018-2460 | Improper Certificate Validation vulnerability in SAP Business ONE 1.2 SAP Business One Android application, version 1.2, does not verify the certificate properly for HTTPS connection. | 5.9 |
| 2018-09-10 | CVE-2018-11775 | Improper Certificate Validation vulnerability in multiple products TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. | 7.4 |
| 2018-09-10 | CVE-2018-12608 | Improper Certificate Validation vulnerability in Mobyproject Moby An issue was discovered in Docker Moby before 17.06.0. | 7.5 |
| 2018-09-07 | CVE-2018-0650 | Improper Certificate Validation vulnerability in Linecorp Line Music 3.1.0 The LINE MUSIC for Android version 3.1.0 to versions prior to 3.6.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 7.4 |