Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-15 | CVE-2017-8942 | Improper Certificate Validation vulnerability in Yottamark Inc. Shopwell - Healthy Diet & Grocery Food Scanner The YottaMark ShopWell - Healthy Diet & Grocery Food Scanner app 5.3.7 through 5.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-15 | CVE-2017-8941 | Improper Certificate Validation vulnerability in Interval International Interval International The Interval International app 3.3 through 3.5.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-15 | CVE-2017-8940 | Improper Certificate Validation vulnerability in Zipongo Inc. Healthy Recipes and Grocery Deals 6.2 The Zipongo - Healthy Recipes and Grocery Deals app before 6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-15 | CVE-2017-8939 | Improper Certificate Validation vulnerability in Warnerbros Ellentube 3.1.1/3.1.2/3.1.3 The Warner Bros. | 5.9 |
| 2017-05-15 | CVE-2017-8938 | Improper Certificate Validation vulnerability in Radiojavan Radio Javan The Radio Javan app 9.3.4 through 9.6.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-15 | CVE-2017-8937 | Improper Certificate Validation vulnerability in Life Before US YO. 2.5.8 The Life Before Us Yo app 2.5.8 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-15 | CVE-2017-8936 | Improper Certificate Validation vulnerability in Changyou Dolphin web Browser 9.23.0/9.23.2 The MoboTap Dolphin Web Browser - Fast Private Internet Search app 9.23.0 through 9.23.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-15 | CVE-2017-8935 | Improper Certificate Validation vulnerability in Gocivix Indiana Voters 1.1.24 The Quest Information Systems Indiana Voters app 1.1.24 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-12 | CVE-2017-0248 | Improper Certificate Validation vulnerability in Microsoft .Net Framework Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability." | 7.5 |
| 2017-05-05 | CVE-2017-8060 | Improper Certificate Validation vulnerability in Watchguard Panda Mobile Security 1.1 Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call. | 5.9 |