Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-05 | CVE-2017-5913 | Improper Certificate Validation vulnerability in Forex Tradeking Forex 1.2.1 The TradeKing Forex for iPhone app 1.2.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5912 | Improper Certificate Validation vulnerability in Forex Forextrader 2.9.12/2.9.13/2.9.14 The FOREX.com FOREXTrader for iPhone app 2.9.12 through 2.9.14 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5911 | Improper Certificate Validation vulnerability in Banco Santander Mexico SA Supermovil 3.5/3.6/3.7 The Banco Santander Mexico SA Supermovil app 3.5 through 3.7 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5909 | Improper Certificate Validation vulnerability in Electronic Funds Source LLC EFS Mobile Driver Source 2.5 The Electronic Funds Source (EFS) Mobile Driver Source app 2.5 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5907 | Improper Certificate Validation vulnerability in Great Southern Bank Great Southern Mobile Banking 3.0.1 The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5906 | Improper Certificate Validation vulnerability in Everyday Health INC Diabetes in Check: Blood Glucose & Carb Tracker 3.4.2 The Everyday Health Diabetes in Check: Blood Glucose & Carb Tracker app 3.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5905 | Improper Certificate Validation vulnerability in Dollar Bank Dollar Bank Mobile 2.6.3 The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5902 | Improper Certificate Validation vulnerability in Payquicker Mypayquicker 1.0.0 The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5901 | Improper Certificate Validation vulnerability in State Bank of India State Bank Anywhere 5.1.0 The State Bank of India State Bank Anywhere app 5.1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-3213 | Improper Certificate Validation vulnerability in Think Mutual Bank Think Mutual Bank Mobile Banking APP 3.1.5 The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |