CVE-2020-24560

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 v15 consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one...

JVN#02058996: HP ThinUpdate vulnerable to improper server certificate verification

HP ThinUpdate provided by HP Development Company, L.P. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication or alter the communication. Solution Update the Software Update the software...

CVE-2023-29501

Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier are vulnerable to improper server certificate verification. If this vulnerability is exploited, a man-in-the-middle attack may allow an attacker to...

CVE-2023-29501

Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier are vulnerable to improper server certificate verification. If this vulnerability is exploited, a man-in-the-middle attack may allow an attacker to...

CVE-2023-29501

The CVE-2023-29501 entry concerns RUNSYSTEM’s Jiyu Kukan Toku-Toku coupon App for iOS and Android (versions 3.5.0 and earlier). Root cause: improper server certificate verification (CWE-295). Impact: enables a man-in-the-middle to eavesdrop on encrypted communications. Affected products: Jiyu Kuk...

JVN#81563390: "Hulu / フールー" App for iOS vulnerable to improper server certificate verification

"Hulu / フールー" App for iOS provided by HJ Holdings, Inc. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the application Update the application to the latest versi...

JVN#13878856: Mobaoku-Auction & Flea Market App for iOS vulnerable to improper server certificate verification

Mobaoku-Auction & Flea Market App for iOS provided by DeNA Co., Ltd. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the application Update the application to the...

JVN#10168753: SNKRDUNK Market Place App for iOS vulnerable to improper server certificate verification

SNKRDUNK Market Place App for iOS provided SODA, Inc. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on and/or alter the communication. Solution Update the application Update the application to the latest...

JVN#64064138: ATOM - Smart life App vulnerable to improper server certificate verification

ATOM - Smart life App provided by ATOM tech Inc. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update the application to the latest version...

JVN#00014057: AWMS Mobile App vulnerable to improper server certificate verification

AWMS Mobile App is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the developer...