Vulnerabilities > Improper Certificate Validation

DATE CVE VULNERABILITY TITLE RISK
2017-04-20 CVE-2017-2784 Improper Certificate Validation vulnerability in ARM Mbed TLS
An exploitable free of a stack pointer vulnerability exists in the X.509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2.
network
high complexity
arm CWE-295
8.1
2017-04-20 CVE-2016-4818 Improper Certificate Validation vulnerability in DMM products
DMMFX Trade for Android 1.5.0 and earlier, DMMFX DEMO Trade for Android 1.5.0 and earlier, and GAITAMEJAPAN FX Trade for Android 1.4.0 and earlier do not verify SSL certificates.
network
high complexity
dmm CWE-295
5.9
2017-04-18 CVE-2017-5653 Improper Certificate Validation vulnerability in Apache CXF
JAX-RS XML Security streaming clients in Apache CXF before 3.1.11 and 3.0.13 do not validate that the service response was signed or encrypted, which allows remote attackers to spoof servers.
network
low complexity
apache CWE-295
5.3
2017-04-13 CVE-2013-6662 Improper Certificate Validation vulnerability in Google Chrome
Google Chrome caches TLS sessions before certificate validation occurs.
network
low complexity
google CWE-295
6.5
2017-04-13 CVE-2016-1132 Improper Certificate Validation vulnerability in Docomo Shoplat
Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates.
network
low complexity
docomo CWE-295
7.5
2017-04-10 CVE-2015-7826 Improper Certificate Validation vulnerability in Botan Project Botan
Botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com.
network
low complexity
botan-project CWE-295
critical
9.8
2017-04-07 CVE-2017-2387 Improper Certificate Validation vulnerability in Apple Music 1.2.1
The Apple Music (aka com.apple.android.music) application before 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
high complexity
apple CWE-295
4.8
2017-04-06 CVE-2017-7192 Improper Certificate Validation vulnerability in Starscream Project Starscream
WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable (it can be set to true but cannot be set to false).
network
low complexity
starscream-project CWE-295
7.5
2017-04-06 CVE-2017-5887 Improper Certificate Validation vulnerability in Starscream Project Starscream
WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in the stream function (this is too late; pinning should occur in the initStreamsWithData function).
network
low complexity
starscream-project CWE-295
7.5
2017-04-05 CVE-2015-4680 Improper Certificate Validation vulnerability in multiple products
FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.
network
low complexity
freeradius suse CWE-295
7.5