Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-31 | CVE-2016-10536 | Improper Certificate Validation vulnerability in Socket Engine.Io-Client engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. | 5.9 |
| 2018-05-31 | CVE-2016-10534 | Improper Certificate Validation vulnerability in Electron-Packager Project Electron-Packager electron-packager is a command line tool that packages Electron source code into `.app` and `.exe` packages. | 5.9 |
| 2018-05-19 | CVE-2018-4991 | Improper Certificate Validation vulnerability in Adobe Creative Cloud Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper certificate validation vulnerability. | 9.8 |
| 2018-05-17 | CVE-2018-0277 | Improper Certificate Validation vulnerability in Cisco Identity Services Engine A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the ISE application server to restart unexpectedly, causing a denial of service (DoS) condition on an affected system. | 8.6 |
| 2018-05-14 | CVE-2018-0591 | Improper Certificate Validation vulnerability in T-Joy Kinepass The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS Ver 3.1.2 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2018-05-09 | CVE-2018-8119 | Improper Certificate Validation vulnerability in Microsoft products A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK. | 5.6 |
| 2018-05-03 | CVE-2018-4849 | Improper Certificate Validation vulnerability in Siemens Siveillance VMS Video A vulnerability has been identified in Siveillance VMS Video for Android (All versions < V12.1a (2018 R1)), Siveillance VMS Video for iOS (All versions < V12.1a (2018 R1)). | 7.4 |
| 2018-04-27 | CVE-2013-7201 | Improper Certificate Validation vulnerability in Paypal WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information. | 7.4 |
| 2018-04-24 | CVE-2017-2836 | Improper Certificate Validation vulnerability in multiple products An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. | 5.9 |
| 2018-04-19 | CVE-2018-0227 | Improper Certificate Validation vulnerability in Cisco products A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. | 7.5 |