Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-27 | CVE-2018-3927 | Improper Certificate Validation vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 5.9 |
| 2018-08-22 | CVE-2017-7513 | Improper Certificate Validation vulnerability in Redhat Satellite It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. | 5.4 |
| 2018-08-15 | CVE-2017-13105 | Improper Certificate Validation vulnerability in Hisecuritylab Virus Cleaner 3.7.1.1329 Hi Security Virus Cleaner - Antivirus, Booster, 3.7.1.1329, 2017-09-13, Android application accepts all SSL certificates during SSL communication. | 5.9 |
| 2018-08-13 | CVE-2016-2922 | Improper Certificate Validation vulnerability in IBM Rational Clearquest IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay) fails to check the SSL certificate against the requested hostname. | 5.9 |
| 2018-08-01 | CVE-2018-8034 | Improper Certificate Validation vulnerability in multiple products The host name verification when using TLS with the WebSocket client was missing. | 7.5 |
| 2018-08-01 | CVE-2018-10894 | Improper Certificate Validation vulnerability in Redhat Keycloak and Single Sign-On It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. | 5.4 |
| 2018-08-01 | CVE-2018-1999035 | Improper Certificate Validation vulnerability in Jenkins Inedo Buildmaster 1.0/1.2/1.3 A man in the middle vulnerability exists in Jenkins Inedo BuildMaster Plugin 1.3 and earlier in BuildMasterConfiguration.java, BuildMasterConfig.java, BuildMasterApi.java that allows attackers to impersonate any service that Jenkins connects to. | 7.4 |
| 2018-08-01 | CVE-2018-1999034 | Improper Certificate Validation vulnerability in Jenkins Inedo Proget A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to. | 7.4 |
| 2018-08-01 | CVE-2018-1999025 | Improper Certificate Validation vulnerability in Jenkins Tracetronic Ecu-Test A man in the middle vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java, ATXValidator.java that allows attackers to impersonate any service that Jenkins connects to. | 7.4 |
| 2018-07-31 | CVE-2018-8020 | Improper Certificate Validation vulnerability in multiple products Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. | 7.4 |