32 matches found
CVE-2017-18911
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. The X.509 certificate validation can be skipped for a TLS-based e-mail server...
EUVD-2016-0358
Malware in sbrugna...
EUVD-2014-2870
Malware in sbrugna...
EUVD-2014-0104
Malware in sbrugna...
EUVD-2012-0773
Malware in sbrugna...
EUVD-2020-30252
Malware in sbrugna...
EUVD-2014-0667
Malware in sbrugna...
EUVD-2014-0086
Malware in sbrugna...
EUVD-2018-10287
Malware in sbrugna...
EUVD-2020-30253
Malware in sbrugna...
EUVD-2012-0770
Malware in sbrugna...
EUVD-2014-7228
Malware in sbrugna...
EUVD-2014-7186
Malware in sbrugna...
EUVD-2012-5697
Malware in sbrugna...
CVE-2020-36659
In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...
CVE-2020-9432
opensslx509checkhost in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses luapushboolean for certain non-boolean return values...
CVE-2019-1940 Cisco Industrial Network Director Web Services Management Agent Unauthorized Information Disclosure Vulnerability
A vulnerability in the Web Services Management Agent WSMA feature of Cisco Industrial Network Director IND could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. The vulnerability is due to insufficient X.509...
CVE-2019-10914
pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsapub.c...
Design/Logic Flaw
Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business...
Design/Logic Flaw
The Auto-Scaling agent in Liberty for Java in IBM Bluemix before 2.7-20160321-1358 allows remote authenticated users to disable X.509 certificate validation, and consequently bypass an intended HTTPS trust-management feature, via unspecified vectors...