Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-19 | CVE-2023-38353 | Improper Certificate Validation vulnerability in Minitool Power Data Recovery 11.5/11.6 MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack. | 5.9 |
| 2023-09-19 | CVE-2023-38354 | Improper Certificate Validation vulnerability in Minitool Shadowmaker 4.1 MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | 8.1 |
| 2023-09-19 | CVE-2023-38355 | Improper Certificate Validation vulnerability in Minitool Movie Maker 7.0 MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | 8.1 |
| 2023-09-19 | CVE-2023-38356 | Improper Certificate Validation vulnerability in Minitool Power Data Recovery 11.6 MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | 8.1 |
| 2023-09-13 | CVE-2023-4801 | Improper Certificate Validation vulnerability in Proofpoint Insider Threat Management An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered. | 7.5 |
| 2023-09-11 | CVE-2023-35845 | Improper Certificate Validation vulnerability in Anaconda Anaconda3 2023.031 Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying the cacert.pem file used by the installed pip program. | 4.7 |
| 2023-09-06 | CVE-2023-30729 | Improper Certificate Validation vulnerability in Samsung Email Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker to intercept the network traffic including sensitive information. | 7.5 |
| 2023-09-01 | CVE-2022-22305 | Improper Certificate Validation vulnerability in Fortinet products An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the listed products and some external peers. | 4.2 |
| 2023-08-23 | CVE-2023-1409 | Improper Certificate Validation vulnerability in Mongodb If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely in other platforms (e.g. | 7.5 |
| 2023-08-14 | CVE-2023-21265 | Improper Certificate Validation vulnerability in Google Android In multiple locations, there are root CA certificates which need to be disabled. | 7.5 |