25 matches found
CVE-2022-46496
BTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate...
CVE-2020-6175
Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation...
CVE-2019-15525
There is Missing SSL Certificate Validation in the pw3270 terminal emulator before version 5.1...
CVE-2024-50691
SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate Validation. The app explicitly ignores certificate errors and is vulnerable to MiTM attacks. Attackers can impersonate the iSolarCloud server and communicate with the Android app...
CVE-2024-50691
SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate Validation. The app explicitly ignores certificate errors and is vulnerable to MiTM attacks. Attackers can impersonate the iSolarCloud server and communicate with the Android app...
CVE-2024-50691
SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate Validation. The app explicitly ignores certificate errors and is vulnerable to MiTM attacks. Attackers can impersonate the iSolarCloud server and communicate with the Android app...
CVE-2023-51837
Ylianst MeshCentral 1.1.16 is vulnerable to Missing SSL Certificate Validation...
CVE-2023-48052
Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack...
CVE-2023-25392
Allegro Tech BigFlow 1.6 is vulnerable to Missing SSL Certificate Validation...
CVE-2023-25392
Allegro Tech BigFlow 1.6 is vulnerable to Missing SSL Certificate Validation...
CVE-2022-45597
The CVE-2022-45597 entry concerns ComponentSpace.Saml2 4.4.0 with missing SSL certificate validation at the application layer. Root cause: improper handling of SSL certificates within the library, contrasted with transport-layer validation. Impact is described as high confidentiality, integrity, ...
SUSE SLED15 / SLES15 Security Update : busybox (SUSE-SU-2022:3959-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3959-1 advisory. - Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote...
CVE-2021-31747
CVE-2021-31747 : In Pluck 4.7.15, the code path update_applet.php omits SSL certificate validation, enabling potential man-in-the-middle attacks. Affected component is the update mechanism in Pluck-CMS; impact is limited to MITM risk described in multiple sources (e.g., NVD/Red Hat/CNVD entries)....
CVE-2020-24715
The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, native Python code is used that lacks a comparison of the hostname to commonName and subjectAltName...
CVE-2020-14981
The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS has Missing SSL Certificate Validation...
CVE-2020-14980
The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate Validation...
CVE-2020-14981
The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS has Missing SSL Certificate Validation...
CVE-2020-13245
CVE-2020-13245 affects NETGEAR routers, notably the R7000 (versions 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10) and possibly additional models (R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, R7000P). The root cause is Missing SSL Certificate Va...
Huawei EulerOS: Security Advisory for elinks (EulerOS-SA-2019-2376)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
OSS Http Request Apache Cordova Plugin 6 is affected by: Missing SSL certificate validation. The impact is: certificate spoofing. The component is: use this library when https communication. The attack vector is: certificate spoofing...