Total
977 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-11727 | 1 Mozilla | 1 Firefox | 2020-01-12 | N/A |
| A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68. | ||||
| CVE-2019-6032 | 1 Ntv | 1 News 24 | 2020-01-10 | 7.4 High |
| The NTV News24 prior to Ver.3.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-7322 | 1 Modx | 1 Modx Revolution | 2020-01-10 | 8.1 High |
| The (1) update and (2) package-installation features in MODX Revolution 2.5.4-pl and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and trigger the execution of arbitrary code via a crafted certificate. | ||||
| CVE-2013-0264 | 1 Redhat | 1 Mrg Management Console | 2020-01-10 | 7.5 High |
| An import error was introduced in Cumin in the code refactoring in r5310. Server certificate validation is always disabled when connecting to Aviary servers, even if the installed packages on a system support it. | ||||
| CVE-2014-0104 | 1 Clusterlabs | 1 Fence-agents | 2020-01-10 | 5.9 Medium |
| In fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script which can potentially allow for man-in-the-middle attackers to spoof SSL servers via arbitrary SSL certificates. | ||||
| CVE-2014-0161 | 1 Ovirt-engine-sdk-python Project | 1 Ovirt-engine-sdk-python | 2020-01-10 | 5.9 Medium |
| ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name (CN) or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. This could allow man-in-the-middle attackers to spoof remote endpoints via an arbitrary valid certificate. | ||||
| CVE-2019-18826 | 1 Barco | 8 Clickshare Cs-100, Clickshare Cs-100 Firmware, Clickshare Cse-200 and 5 more | 2019-12-27 | 9.8 Critical |
| Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain. | ||||
| CVE-2014-3495 | 2 Debian, Opensuse | 3 Debian Linux, Duplicity, Opensuse | 2019-12-19 | 7.5 High |
| duplicity 0.6.24 has improper verification of SSL certificates | ||||
| CVE-2011-2207 | 3 Debian, Gnupg, Redhat | 3 Debian Linux, Gnupg, Enterprise Linux | 2019-12-13 | 5.3 Medium |
| dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate. | ||||
| CVE-2019-19271 | 1 Proftpd | 1 Proftpd | 2019-12-11 | 7.5 High |
| An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries (installed by a system administrator), can cause some CRL entries to be ignored, and can allow clients whose certificates have been revoked to proceed with a connection to the server. | ||||
| CVE-2014-2845 | 2 Cyberduck, Microsoft | 2 Cyberduck, Windows | 2019-12-11 | 5.9 Medium |
| Cyberduck before 4.4.4 on Windows does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof FTP-SSL servers via a certificate issued by an arbitrary root Certification Authority. | ||||
| CVE-2019-11554 | 1 Amazon | 1 Audible | 2019-12-11 | 5.9 Medium |
| The Audible application through 2.34.0 for Android has Missing SSL Certificate Validation for Adobe SDKs, allowing MITM attackers to cause a denial of service. | ||||
| CVE-2012-5518 | 1 Ovirt | 1 Vdsm | 2019-12-09 | 7.5 High |
| vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from anyone who has a matching key (and certificate) | ||||
| CVE-2014-2901 | 1 Wolfssl | 1 Wolfssl | 2019-12-04 | 7.5 High |
| wolfssl before 3.2.0 does not properly issue certificates for a server's hostname. | ||||
| CVE-2014-2902 | 1 Wolfssl | 1 Wolfssl | 2019-12-04 | 7.5 High |
| wolfssl before 3.2.0 does not properly authorize CA certificate for signing other certificates. | ||||
| CVE-2014-8167 | 1 Redhat | 3 Enterprise Virtualization, Vdsclient, Virtual Desktop Server Manager | 2019-11-15 | 5.9 Medium |
| vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack | ||||
| CVE-2014-7143 | 1 Twistedmatrix | 1 Twisted | 2019-11-14 | 7.5 High |
| Python Twisted 14.0 trustRoot is not respected in HTTP client | ||||
| CVE-2009-3552 | 1 Redhat | 1 Enterprise Virtualization Manager | 2019-11-12 | 3.1 Low |
| In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. An attacker on the local network could use this flaw to conduct a man-in-the-middle attack, tricking the user into thinking they are viewing the Red Hat Enterprise Virtualization Manager when the content is actually attacker-controlled, or modifying actions a user requested Red Hat Enterprise Virtualization Manager to perform. | ||||
| CVE-2019-16209 | 1 Broadcom | 1 Brocade Sannav | 2019-11-09 | 7.4 High |
| A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer(SSL)connections. | ||||
| CVE-2019-3685 | 1 Opensuse | 1 Open Build Service | 2019-11-08 | 7.7 High |
| Open Build Service before version 0.165.4 diddn't validate TLS certificates for HTTPS connections with the osc client binary | ||||