4 matches found
CVE-2020-24560
An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 v15 consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one...
JVN#02058996: HP ThinUpdate vulnerable to improper server certificate verification
HP ThinUpdate provided by HP Development Company, L.P. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication or alter the communication. Solution Update the Software Update the software...
CVE-2023-29501
The CVE-2023-29501 entry concerns RUNSYSTEM’s Jiyu Kukan Toku-Toku coupon App for iOS and Android (versions 3.5.0 and earlier). Root cause: improper server certificate verification (CWE-295). Impact: enables a man-in-the-middle to eavesdrop on encrypted communications. Affected products: Jiyu Kuk...
JVN#10168753: SNKRDUNK Market Place App for iOS vulnerable to improper server certificate verification
SNKRDUNK Market Place App for iOS provided SODA, Inc. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on and/or alter the communication. Solution Update the application Update the application to the latest...