Vulnerabilities > Improper Certificate Validation

DATE CVE VULNERABILITY TITLE RISK
2019-03-21 CVE-2019-8351 Improper Certificate Validation vulnerability in Heimdalsecurity Thor 2.5.170/2.5.171/2.5.172
Heimdal Thor Agent 2.5.17x before 2.5.173 does not verify X.509 certificates from TLS servers, which allows remote attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
low complexity
heimdalsecurity CWE-295
critical
9.1
2019-03-21 CVE-2019-6702 Improper Certificate Validation vulnerability in Mastercard Qkr! With Masterpass
The MasterCard Qkr! app before 5.0.8 for iOS has Missing SSL Certificate Validation.
network
high complexity
mastercard CWE-295
5.9
2019-03-21 CVE-2019-5729 Improper Certificate Validation vulnerability in Splunk Software Development KIT
Splunk-SDK-Python before 1.6.6 does not properly verify untrusted TLS server certificates, which could result in man-in-the-middle attacks.
network
high complexity
splunk CWE-295
8.1
2019-03-21 CVE-2018-6517 Improper Certificate Validation vulnerability in Puppet Chloride
Prior to version 0.3.0, chloride's use of net-ssh resulted in host fingerprints for previously unknown hosts getting added to the user's known_hosts file without confirmation.
network
low complexity
puppet CWE-295
7.5
2019-03-21 CVE-2018-11747 Improper Certificate Validation vulnerability in Puppet Discovery
Previously, Puppet Discovery was shipped with a default generated TLS certificate in the nginx container.
network
low complexity
puppet CWE-295
critical
9.8
2019-03-14 CVE-2018-12205 Improper Certificate Validation vulnerability in Intel products
Improper certificate validation in Platform Sample/Silicon Reference firmware for 8th Generation Intel(R) Core(tm) Processor, 7th Generation Intel(R) Core(tm) Processor may allow an unauthenticated user to potentially enable an escalation of privilege via physical access.
low complexity
intel CWE-295
6.8
2019-03-07 CVE-2019-3777 Improper Certificate Validation vulnerability in Pivotal Software Application Service
Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.3, contain an apps manager that uses a cloud controller proxy that fails to verify SSL certs.
network
low complexity
pivotal-software CWE-295
critical
9.8
2019-02-26 CVE-2019-6592 Improper Certificate Validation vulnerability in F5 products
On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.
network
low complexity
f5 CWE-295
critical
9.1
2019-02-25 CVE-2019-6266 Improper Certificate Validation vulnerability in Cordaware Bestinformed
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns.
network
low complexity
cordaware CWE-295
critical
9.8
2019-02-25 CVE-2019-1683 Improper Certificate Validation vulnerability in Cisco products
A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP) conversation.
network
high complexity
cisco CWE-295
7.4