Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-12 | CVE-2018-12257 | Improper Certificate Validation vulnerability in Apollotechnologiesinc Momentum Axel 720P Firmware 5.1.8 An issue was discovered on Momentum Axel 720P 5.1.8 devices. | 2.1 |
| 2018-06-11 | CVE-2016-9064 | Improper Certificate Validation vulnerability in Mozilla Firefox and Firefox ESR Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. | 4.3 |
| 2018-06-07 | CVE-2018-0334 | Improper Certificate Validation vulnerability in Cisco Anyconnect Secure Mobility Client 4.6(100) A vulnerability in the certificate management subsystem of Cisco AnyConnect Network Access Manager and of Cisco AnyConnect Secure Mobility Client for iOS, Mac OS X, Android, Windows, and Linux could allow an unauthenticated, remote attacker to bypass the TLS certificate check when downloading certain configuration files. | 5.8 |
| 2018-06-04 | CVE-2018-11712 | Improper Certificate Validation vulnerability in Webkitgtk Webkitgtk+ 2.20.0/2.20.1 WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections. | 5.0 |
| 2018-05-31 | CVE-2016-10536 | Improper Certificate Validation vulnerability in Socket Engine.Io-Client engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. | 4.3 |
| 2018-05-31 | CVE-2016-10534 | Improper Certificate Validation vulnerability in Electron-Packager Project Electron-Packager electron-packager is a command line tool that packages Electron source code into `.app` and `.exe` packages. | 4.3 |
| 2018-05-19 | CVE-2018-4991 | Improper Certificate Validation vulnerability in Adobe Creative Cloud Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper certificate validation vulnerability. | 7.5 |
| 2018-05-17 | CVE-2018-0277 | Improper Certificate Validation vulnerability in Cisco Identity Services Engine A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the ISE application server to restart unexpectedly, causing a denial of service (DoS) condition on an affected system. | 5.0 |
| 2018-05-14 | CVE-2018-0591 | Improper Certificate Validation vulnerability in T-Joy Kinepass The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS Ver 3.1.2 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 4.3 |
| 2018-05-09 | CVE-2018-8119 | Improper Certificate Validation vulnerability in Microsoft products A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK. | 6.8 |