Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-10 | CVE-2015-7778 | Improper Certificate Validation vulnerability in Gurunavi Gournavi Gurunavi App for iOS before 6.0.0 does not verify SSL certificates which could allow remote attackers to perform man-in-the-middle attacks. | 4.3 |
| 2017-10-10 | CVE-2015-5639 | Improper Certificate Validation vulnerability in Dwango Niconico niconico App for iOS before 6.38 does not verify SSL certificates which could allow remote attackers to execute man-in-the-middle attacks. | 5.8 |
| 2017-10-10 | CVE-2015-2988 | Improper Certificate Validation vulnerability in Rakutencard Rakuten Card Rakuten card App for iOS 5.2.0 through 5.2.4 does not verify SSL certificates which might allow remote attackers to execute man-in-the-middle attacks. | 4.0 |
| 2017-10-05 | CVE-2017-1000097 | Improper Certificate Validation vulnerability in Golang GO On Darwin, user's trust preferences for root certificates were not honored. | 7.5 |
| 2017-09-30 | CVE-2017-14582 | Improper Certificate Validation vulnerability in Zohocorp Site24X7 Mobile Network Poller The Zoho Site24x7 Mobile Network Poller application before 1.1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a self-signed certificate. | 4.3 |
| 2017-09-29 | CVE-2017-12228 | Improper Certificate Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. | 4.3 |
| 2017-09-26 | CVE-2015-0874 | Improper Certificate Validation vulnerability in OKB Smart Passbook 1.0.0 Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information from encrypted communications via a crafted certificate. | 4.3 |
| 2017-09-26 | CVE-2017-7971 | Improper Certificate Validation vulnerability in Schneider-Electric Citect Anywhere and Powerscada Anywhere A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the use of outdated cipher suites and improper verification of peer SSL Certificate. | 4.0 |
| 2017-09-25 | CVE-2015-7785 | Improper Certificate Validation vulnerability in Comicsmart Ganma! 2.0.9 GANMA! App for iOS does not verify SSL certificates. | 4.3 |
| 2017-09-25 | CVE-2015-5666 | Improper Certificate Validation vulnerability in ANA ALL Nippon Airways ANA App for Android 3.1.1 and earlier, and ANA App for iOS 3.3.6 and earlier does not verify SSL certificates. | 4.3 |