Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-13 | CVE-2017-14420 | Improper Certificate Validation vulnerability in Dlink Dir-850L Firmware The D-Link NPAPI extension, as used on D-Link DIR-850L REV. | 5.9 |
| 2017-09-13 | CVE-2017-14419 | Improper Certificate Validation vulnerability in Dlink Dir-850L Firmware The D-Link NPAPI extension, as used on D-Link DIR-850L REV. | 5.9 |
| 2017-09-06 | CVE-2015-2943 | Improper Certificate Validation vulnerability in Honda Moto Linc 1.6.1 Honda Moto LINC 1.6.1 does not verify SSL certificates. | 5.9 |
| 2017-08-28 | CVE-2017-6594 | Improper Certificate Validation vulnerability in multiple products The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets. | 7.5 |
| 2017-08-28 | CVE-2015-0210 | Improper Certificate Validation vulnerability in W1.Fi WPA Supplicant 2.016 wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack. | 5.9 |
| 2017-08-25 | CVE-2015-4017 | Improper Certificate Validation vulnerability in Saltstack Salt 2014.7.5 Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules. | 7.5 |
| 2017-08-18 | CVE-2017-8445 | Improper Certificate Validation vulnerability in Elastic X-Pack An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. | 5.5 |
| 2017-08-18 | CVE-2014-3451 | Improper Certificate Validation vulnerability in Igniterealtime Openfire OpenFire XMPP Server before 3.10 accepts self-signed certificates, which allows remote attackers to perform unspecified spoofing attacks. | 7.5 |
| 2017-08-09 | CVE-2015-2674 | Improper Certificate Validation vulnerability in Restkit Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrap_socket function in Python with the default CERT_NONE value for the cert_reqs argument. | 5.9 |
| 2017-08-09 | CVE-2015-5619 | Improper Certificate Validation vulnerability in multiple products Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjack output or the Logstash forwarder does not validate SSL/TLS certificates from the Logstash server, which might allow attackers to obtain sensitive information via a man-in-the-middle attack. | 5.9 |