The product does not validate, or incorrectly validates, a certificate.
1,400 vulnerabilities with CWE-295
CVE-2020-8172
HIGH
Node <12.18.0-14.4.0 - SSL/TLS Verification Bypass
CVSS 7.4
CVE-2020-13254
MEDIUM
Django <2.2.13, <3.0.7 - Info Disclosure
CVSS 5.9
CVE-2020-13245
MEDIUM
NETGEAR - Missing SSL Certificate Validation
CVSS 5.9
CVE-2020-13645
MEDIUM
GNOME glib-networking <= 2.64.2 - Improper Certificate Validation
CVSS 6.5
CVE-2020-13616
MEDIUM
Pichi < 1.3.0 - Improper Certificate Validation in ASIO Wrapper
CVSS 5.9
CVE-2020-13615
MEDIUM
Qore < 0.9.4.2 - Improper Certificate Validation
CVSS 5.9
CVE-2020-13614
MEDIUM
axel < 2.17.8 - Improper Certificate Validation
CVSS 5.9
CVE-2020-13482
HIGH
EM-HTTP-Request 1.1.5 - Man-in-the-Middle
CVSS 7.4
CVE-2020-1113
HIGH
Windows Task Scheduler - Security Feature Bypass via Improper RPC Client Connection Verification
CVSS 7.5
CVE-2020-13163
HIGH
em-imap 0.5 - Improper Certificate Validation
CVSS 7.4
CVE-2020-1758
MEDIUM
Keycloak < 10.0.0 - Improper Certificate Validation in SMTP TLS Hostname Verification
CVSS 5.3
CVE-2020-8156
HIGH
Nextcloud Mail <1.1.3 - Info Disclosure
CVSS 7.0
CVE-2020-10059
MEDIUM
Zephyr 2.1.0 and later - Improper Certificate Validation in UpdateHub Module
CVSS 4.8
CVE-2020-12637
CRITICAL
Zulip Desktop <5.2.0 - Info Disclosure
CVSS 9.8
CVE-2020-11050
CRITICAL
Java-WebSocket <=1.4.1 - Info Disclosure
CVSS 9.0
CVE-2020-2187
MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Improper Certificate Validation
CVSS 5.6
CVE-2020-12144
MEDIUM
Silver Peak Unity EdgeConnect - Improper Certificate Validation
CVSS 6.0
CVE-2020-12143
MEDIUM
Silver Peak Unity Orchestrator <8.9.2 - Improper Certificate Validation
CVSS 6.0
CVE-2020-1952
CRITICAL
Apache IoTDB 0.8.0-0.8.2 and 0.9.0-0.9.1 - Unauthenticated Remote Code Execution via JMX Port
CVSS 9.8
CVE-2020-9488
LOW
Apache Log4j 2.0-2.12.2, 2.13.0 - Improper Certificate Validation in SMTP Appender
CVSS 3.7
CVE-2020-5864
HIGH
NGINX Controller <3.2.0 - Info Disclosure
CVSS 7.4
CVE-2020-11806
MEDIUM
MailStore Server < 12.1.2 - Improper Certificate Validation in Outlook Add-in Login
CVSS 5.9
CVE-2020-11792
HIGH
NETGEAR R8900 R9000 RAX120 XR700 - TLS Certificate Private Key Disclosure
CVSS 7.5
CVE-2020-7922
MEDIUM
MongoDB Enterprise Kubernetes Operator <1.2 - Info Disclosure
CVSS 6.4
CVE-2020-11580
CRITICAL
Pulse Secure Pulse Connect Secure and Pulse Policy Secure < 2020-04-06 - Improper Certificate Validation
CVSS 9.1
Details
Vulnerabilities
1,400