Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-25 | CVE-2015-0904 | Improper Certificate Validation vulnerability in Shidax Restaurant Karaoke 1.3.3 The Restaurant Karaoke SHIDAX app 1.3.3 and earlier on Android does not verify SSL certificates, which allows remote attackers to obtain sensitive information via a man-in-the-middle attack. | 5.9 |
| 2017-07-21 | CVE-2015-3886 | Improper Certificate Validation vulnerability in Libinfinity Project Libinfinity libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote attackers to have unspecified impact via unknown vectors. | 9.8 |
| 2017-07-20 | CVE-2017-11501 | Improper Certificate Validation vulnerability in Nixos Project Nixos NixOS 17.03 and earlier has an unintended default absence of SSL Certificate Validation for LDAP. | 5.9 |
| 2017-07-17 | CVE-2017-1000007 | Improper Certificate Validation vulnerability in Twistedmatrix Txaws txAWS (all current versions) fail to perform complete certificate verification resulting in vulnerability to MitM attacks and information disclosure. | 5.9 |
| 2017-07-11 | CVE-2017-7726 | Improper Certificate Validation vulnerability in Ismartalarm Cubeone Firmware iSmartAlarm cube devices have an SSL Certificate Validation Vulnerability. | 7.5 |
| 2017-06-16 | CVE-2017-9601 | Improper Certificate Validation vulnerability in Fnbkemp FNB Kemp Mobile Banking 3.0.2 The "FNB Kemp Mobile Banking" by First National Bank of Kemp app 3.0.2 -- aka fnb-kemp-mobile-banking/id571448725 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-06-16 | CVE-2017-9600 | Improper Certificate Validation vulnerability in Meafinancial Peoples Bank Tulsa 3.0.2 The "Peoples Bank Tulsa" by Peoples Bank - OK app 3.0.2 -- aka peoples-bank-tulsa/id1074279285 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-06-16 | CVE-2017-9599 | Improper Certificate Validation vulnerability in Fountaintrust Fountain Trust Mobile Banking 3.0.0 The "Fountain Trust Mobile Banking" by FOUNTAIN TRUST COMPANY app before 3.2.0 -- aka fountain-trust-mobile-banking/id891343006 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-06-16 | CVE-2017-9598 | Improper Certificate Validation vulnerability in Meafinancial Morton Credit Union Mobile Banking 3.0.1 The "Morton Credit Union Mobile Banking" by Morton Credit Union app 3.0.1 -- aka morton-credit-union-mobile-banking/id1119623070 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-06-16 | CVE-2017-9597 | Improper Certificate Validation vulnerability in Meafinancial Blue Ridge Bank and Trust CO. Mobile Banking 3.0.1 The "Blue Ridge Bank and Trust Co. | 5.9 |