23 matches found
Improper Validation of Certificate with Host Mismatch
Overview Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch via missing hostname verification in the auto-configuration. An attacker can impersonate a trusted mail server and intercept or manipulate SMTP communications because hostname...
EUVD-2026-27237
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
Linux Distros Unpatched Vulnerability : CVE-2026-41603
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to...
CVE-2026-41603
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
CVE-2026-41603
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
Improper Validation of Certificate with Host Mismatch
Overview Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch due to establishing SSL connections to Cassandra without verifying that the hostname in the server's SSL certificate actually matched the hostname of the server being connected to...
Security Bulletin: IBM App Connect for Manufacturing is vulnerable to Improper Validation of Certificate with Host Mismatch due to Apache Log4j Core (CVE-2025-68161)
Summary IBM App Connect for Manufacturing is vulnerable to Improper Validation of Certificate with Host Mismatch due to Apache Log4j Core Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostnam...
Apache Ranger Vulnerable to Improper Validation of Certificate with Host Mismatch
Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...
Improper Validation of Certificate with Host Mismatch
Overview Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch due to the GalaxyFDSClientImpl.createHttpClient function. An attacker can intercept and modify communications by performing a man-in-the-middle attack when TLS hostname verification ...
Security Bulletin: IBM App Connect for Healthcare is vulnerable to Improper Validation of Certificate with Host Mismatch due to Apache Log4j Core (CVE-2025-68161)
Summary IBM App Connect for Healthcare is vulnerable to Improper Validation of Certificate with Host Mismatch due to Apache Log4j Core. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname...
CVE-2025-25253
An Improper Validation of Certificate with Host Mismatch vulnerability CWE-297 in FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions and FortiOS version 7.6.2 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions ZTNA proxy may allow a...
Improper Validation of Certificate with Host Mismatch
Overview Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch via the parseCommonName method . An attacker can gain unauthorized access or impersonate users by crafting malicious X.509 certificates that bypass hostname validation through...
CVE-2025-25253
An Improper Validation of Certificate with Host Mismatch vulnerability CWE-297 in FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions and FortiOS version 7.6.2 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions ZTNA proxy may allow a...
CVE-2025-25253
CVE-2025-25253 describes improper validation of certificate hostnames in FortiProxy (and FortiOS ZTNA proxy) that could allow an unauthenticated attacker in a man-in-the-middle position to intercept and tamper with connections. Affected products/versions from the provided docs include FortiProxy ...
HotelRunner B2B 安全漏洞
HotelRunner B2B is a software tool for business management and collaboration for the hotel industry from HotelRunner Turkey. A security vulnerability exists in HotelRunner B2B versions prior to 04.06.2025, which stems from improper validation of a certificate host mismatch and could lead to HTTP...
Improper Validation of Certificate with Host Mismatch
Overview Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch in components/octoprint, which uses custom Octoprint HTTP sessions. The default ssl parameter configuration uses the value False or None, which causes the SSL verification...
DEBIAN-CVE-2022-4967
strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch CWE-297. When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be...
CVE-2023-5909 Improper Validation of Certificate with Host Mismatch in PTC KEPServerEx
KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect...
CVE-2023-34143
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux Device Manager Server, Device Manager Agent, Host Data Collector components allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02...
Input validation
Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of Palantir Gotham allows A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept...