Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-16 | CVE-2023-48054 | Improper Certificate Validation vulnerability in Localstack 2.3.2 Missing SSL certificate validation in localstack v2.3.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack. | 7.4 |
| 2023-11-07 | CVE-2023-42532 | Improper Certificate Validation vulnerability in Samsung Android 11.0/12.0 Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information. | 7.5 |
| 2023-11-01 | CVE-2023-46724 | Improper Certificate Validation vulnerability in Squid-Cache Squid Squid is a caching proxy for the Web. | 7.5 |
| 2023-10-31 | CVE-2023-42425 | Improper Certificate Validation vulnerability in Turing Edge+ Evc5Fd Firmware 1.38.6 An issue in Turing Video Turing Edge+ EVC5FD v.1.38.6 allows remote attacker to execute arbitrary code and obtain sensitive information via the cloud connection components. | 9.8 |
| 2023-10-26 | CVE-2023-31421 | Improper Certificate Validation vulnerability in Elastic products It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certificate signature validation is still performed. | 7.5 |
| 2023-10-25 | CVE-2023-31580 | Improper Certificate Validation vulnerability in Networknt Light-Oauth2 light-oauth2 before version 2.1.27 obtains the public key without any verification. | 5.9 |
| 2023-10-17 | CVE-2022-3761 | Improper Certificate Validation vulnerability in Openvpn Connect OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows) allows man-in-the-middle attackers to intercept configuration profile download requests which contains the users credentials | 5.9 |
| 2023-10-17 | CVE-2022-43892 | Improper Certificate Validation vulnerability in IBM Security Verify Privilege On-Premises IBM Security Verify Privilege On-Premises 11.5 does not validate, or incorrectly validates, a certificate which could disclose sensitive information which could aid further attacks against the system. | 5.3 |
| 2023-10-17 | CVE-2022-22380 | Improper Certificate Validation vulnerability in IBM Security Verify Privilege On-Premises IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity due to improperly validating certificates. | 4.3 |
| 2023-10-16 | CVE-2023-5422 | Improper Certificate Validation vulnerability in Otrs The functions to fetch e-mail via POP3 or IMAP as well as sending e-mail via SMTP use OpenSSL for static SSL or TLS based communication. | 9.1 |