Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-16 | CVE-2017-9560 | Improper Certificate Validation vulnerability in Cayugalakenationalbank Cayuga Lake National Bank 4.0.1 The cayuga-lake-national-bank/id1151601539 app 4.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-06-16 | CVE-2017-9559 | Improper Certificate Validation vulnerability in Meafinancial Vision Bank 3.0.1 The MEA Financial vision-bank/id420406345 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-06-16 | CVE-2017-9558 | Improper Certificate Validation vulnerability in Wawacu Wawa Employees Credit Union Mobile 4.0.1 The wawa-employees-credit-union-mobile/id1158082793 app 4.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-06-14 | CVE-2017-4981 | Improper Certificate Validation vulnerability in Dell Bsafe Cert-C 2.7 EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability. | 7.5 |
| 2017-06-09 | CVE-2016-7816 | Improper Certificate Validation vulnerability in Cybozu Kintone The Cybozu kintone mobile for Android 1.0.6 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-06-09 | CVE-2016-7805 | Improper Certificate Validation vulnerability in Unisys Mobigate 2.2.1.2/2.2.4.1 The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-06-08 | CVE-2016-5648 | Improper Certificate Validation vulnerability in Acer Portal 3.9.3.2006 Acer Portal app before 3.9.4.2000 for Android does not properly validate SSL certificates, which allows remote attackers to perform a Man-in-the-middle attack via a crafted SSL certificate. | 5.3 |
| 2017-06-04 | CVE-2016-8231 | Improper Certificate Validation vulnerability in Lenovo Service Bridge In Lenovo Service Bridge before version 4, a bug found in the signature verification logic of the code signing certificate could be exploited by an attacker to insert a forged code signing certificate. | 7.5 |
| 2017-05-30 | CVE-2016-3083 | Improper Certificate Validation vulnerability in Apache Hive Apache Hive (JDBC + HiveServer2) implements SSL for plain TCP and HTTP connections (it supports both transport modes). | 7.5 |
| 2017-05-24 | CVE-2017-2800 | Improper Certificate Validation vulnerability in Wolfssl A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. | 9.8 |