Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-05 | CVE-2017-8059 | Improper Certificate Validation vulnerability in Foxitsoftware Foxit PDF 5.2.1/5.3.2 Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information (username/password), in addition to the static authentication token if the user is already logged in. | 8.1 |
| 2017-05-05 | CVE-2017-8058 | Improper Certificate Validation vulnerability in Atlassian Hipchat 3.16.1 Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call. | 5.9 |
| 2017-05-05 | CVE-2017-5919 | Improper Certificate Validation vulnerability in 21St Century Insurance 10.0.0 The 21st Century Insurance app 10.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5918 | Improper Certificate Validation vulnerability in Banco DE Costa Rica BCR Movil 3.7 The Banco de Costa Rica BCR Movil app 3.7 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5916 | Improper Certificate Validation vulnerability in America'S First Federal Credit Union America'S First FCU Mobile Banking 3.1.0 The America's First Federal Credit Union (FCU) Mobile Banking app 3.1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5915 | Improper Certificate Validation vulnerability in Emirates NBD Bank P.J.S.C Emirates NBD and Emirates NBD KSA The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0 through 3.10.4 (UAE) and 2.0.1 through 2.1.0 (KSA) for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5914 | Improper Certificate Validation vulnerability in Dotit-Corp Banque Zitouna 2.1 The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5913 | Improper Certificate Validation vulnerability in Forex Tradeking Forex 1.2.1 The TradeKing Forex for iPhone app 1.2.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5912 | Improper Certificate Validation vulnerability in Forex Forextrader 2.9.12/2.9.13/2.9.14 The FOREX.com FOREXTrader for iPhone app 2.9.12 through 2.9.14 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5911 | Improper Certificate Validation vulnerability in Banco Santander Mexico SA Supermovil 3.5/3.6/3.7 The Banco Santander Mexico SA Supermovil app 3.5 through 3.7 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |