Vulnerabilities > Improper Certificate Validation

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2018-04-27 | CVE-2013-7201 | Improper Certificate Validation vulnerability in Paypal | WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information. | network | high complexity | paypal | CWE-295 | 7.4 |
| 2018-04-24 | CVE-2017-2836 | Improper Certificate Validation vulnerability in multiple products | An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. | network | high complexity | freerdp, debian | CWE-295 | 5.9 |
| 2018-04-19 | CVE-2018-0227 | Improper Certificate Validation vulnerability in Cisco products | A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. | network | low complexity | cisco | CWE-295 | 7.5 |
| 2018-04-13 | CVE-2018-10066 | Improper Certificate Validation vulnerability in Mikrotik Routeros 6.41.4 | An issue was discovered in MikroTik RouterOS 6.41.4. | network | high complexity | mikrotik | CWE-295 | 8.1 |
| 2018-04-13 | CVE-2017-6143 | Improper Certificate Validation vulnerability in F5 products | X509 certificate verification was not correctly implemented in the IP Intelligence Subscription and IP Intelligence feed-list features, and thus the remote server's identity is not properly validated in F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.2, or 11.5.0-11.5.5. | network | high complexity | f5 | CWE-295 | 5.4 |
| 2018-04-12 | CVE-2015-1777 | Improper Certificate Validation vulnerability in Redhat Rhn-Client-Tools | rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Gluster Storage 2.1 and Enterprise Linux (RHEL) 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle attack. | network | high complexity | redhat | CWE-295 | 5.9 |
| 2018-04-09 | CVE-2018-0553 | Improper Certificate Validation vulnerability in Glamo Iremocon Wifi 4.1.7 | The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | network | high complexity | glamo | CWE-295 | 7.4 |
| 2018-04-05 | CVE-2018-1000151 | Improper Certificate Validation vulnerability in Jenkins Vsphere | A man in the middle vulnerability exists in Jenkins vSphere Plugin 2.16 and older in VSphere.java that disables SSL/TLS certificate validation by default. | network | high complexity | jenkins | CWE-295 | 5.6 |
| 2018-04-03 | CVE-2018-4086 | Improper Certificate Validation vulnerability in Apple products | An issue was discovered in certain Apple products. | network | high complexity | apple | CWE-295 | 5.9 |
| 2018-04-03 | CVE-2017-13863 | Improper Certificate Validation vulnerability in Apple Iphone OS | An issue was discovered in certain Apple products. | network | high complexity | apple | CWE-295 | 5.9 |