Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-05 | CVE-2017-5915 | Improper Certificate Validation vulnerability in Emirates NBD Bank P.J.S.C Emirates NBD and Emirates NBD KSA The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0 through 3.10.4 (UAE) and 2.0.1 through 2.1.0 (KSA) for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5914 | Improper Certificate Validation vulnerability in Dotit-Corp Banque Zitouna 2.1 The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5913 | Improper Certificate Validation vulnerability in Forex Tradeking Forex 1.2.1 The TradeKing Forex for iPhone app 1.2.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5912 | Improper Certificate Validation vulnerability in Forex Forextrader 2.9.12/2.9.13/2.9.14 The FOREX.com FOREXTrader for iPhone app 2.9.12 through 2.9.14 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5911 | Improper Certificate Validation vulnerability in Banco Santander Mexico SA Supermovil 3.5/3.6/3.7 The Banco Santander Mexico SA Supermovil app 3.5 through 3.7 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5909 | Improper Certificate Validation vulnerability in Electronic Funds Source LLC EFS Mobile Driver Source 2.5 The Electronic Funds Source (EFS) Mobile Driver Source app 2.5 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5907 | Improper Certificate Validation vulnerability in Great Southern Bank Great Southern Mobile Banking 3.0.1 The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5906 | Improper Certificate Validation vulnerability in Everyday Health INC Diabetes in Check: Blood Glucose & Carb Tracker 3.4.2 The Everyday Health Diabetes in Check: Blood Glucose & Carb Tracker app 3.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5905 | Improper Certificate Validation vulnerability in Dollar Bank Dollar Bank Mobile 2.6.3 The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5902 | Improper Certificate Validation vulnerability in Payquicker Mypayquicker 1.0.0 The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |