Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-26 | CVE-2018-5464 | Improper Certificate Validation vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an untrusted SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information. | 7.5 |
| 2018-03-26 | CVE-2018-5462 | Improper Certificate Validation vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information. | 7.5 |
| 2018-03-24 | CVE-2018-8970 | Improper Certificate Validation vulnerability in Openbsd Libressl 2.7.0 The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 7.4 |
| 2018-03-22 | CVE-2018-5502 | Improper Certificate Validation vulnerability in F5 products On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. | 7.5 |
| 2018-03-15 | CVE-2018-6221 | Improper Certificate Validation vulnerability in Trendmicro Email Encryption Gateway 5.5 An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle attacker to tamper with an update file and inject their own. | 8.1 |
| 2018-03-15 | CVE-2018-6219 | Improper Certificate Validation vulnerability in Trendmicro Email Encryption Gateway 5.5 An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data. | 6.5 |
| 2018-03-13 | CVE-2018-1000096 | Improper Certificate Validation vulnerability in Tiny-Json-Http Project Tiny-Json-Http brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected. | 8.1 |
| 2018-03-12 | CVE-2016-9952 | Improper Certificate Validation vulnerability in Haxx Curl The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com." | 8.1 |
| 2018-03-12 | CVE-2017-2667 | Improper Certificate Validation vulnerability in multiple products Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verify_ssl flag for apipie-bindings that disable it by default. | 8.1 |
| 2018-03-12 | CVE-2017-18227 | Improper Certificate Validation vulnerability in Titanhq Webtitan Gateway TitanHQ WebTitan Gateway has incorrect certificate validation for the TLS interception feature. | 7.5 |