Vulnerabilities (CVE)

Filtered by CWE-295
Total 1033 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-12499 1 Motorola 2 Mbp853, Mbp853 Firmware 2024-02-28 5.8 MEDIUM 7.4 HIGH
The Motorola MBP853 firmware does not correctly validate server certificates. This allows for a Man in The Middle (MiTM) attack to take place between a Motorola MBP853 camera and the servers it communicates with. In one such instance, it was identified that the device was downloading what appeared to be a client certificate.
CVE-2018-5462 1 Philips 1 Intellispace Portal 2024-02-28 5.0 MEDIUM 7.5 HIGH
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information.
CVE-2018-10408 1 Virustotal 1 Virustotal 2024-02-28 6.8 MEDIUM 7.8 HIGH
An issue was discovered in VirusTotal. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute.
CVE-2017-17301 1 Huawei 56 Ar120-s, Ar120-s Firmware, Ar1200 and 53 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name.
CVE-2018-8970 1 Openbsd 1 Libressl 2024-02-28 5.8 MEDIUM 7.4 HIGH
The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: the LibreSSL documentation indicates that this special case is supported, but the BoringSSL documentation does not.
CVE-2018-0277 1 Cisco 1 Identity Services Engine 2024-02-28 5.0 MEDIUM 8.6 HIGH
A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the ISE application server to restart unexpectedly, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incomplete input validation of the client EAP-TLS certificate. An attacker could exploit this vulnerability by initiating EAP authentication over TLS to the ISE with a crafted EAP-TLS certificate. A successful exploit could allow the attacker to restart the ISE application server, resulting in a DoS condition on the affected system. The ISE application could continue to restart while the client attempts to establish the EAP authentication connection. If an attacker attempted to import the same EAP-TLS certificate to the ISE trust store, it could trigger a DoS condition on the affected system. This exploit vector would require the attacker to have valid administrator credentials. The vulnerability affects Cisco ISE, Cisco ISE Express, and Cisco ISE Virtual Appliance. Cisco Bug IDs: CSCve31857.
CVE-2017-2836 2 Debian, Freerdp 2 Debian Linux, Freerdp 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.
CVE-2018-10405 1 Google 1 Santa 2024-02-28 6.8 MEDIUM 7.8 HIGH
An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute.
CVE-2013-7201 1 Paypal 1 Paypal 2024-02-28 5.8 MEDIUM 7.4 HIGH
WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.
CVE-2017-2667 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Hammer Cli 2024-02-28 6.8 MEDIUM 8.1 HIGH
Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verify_ssl flag for apipie-bindings that disable it by default. As a result the server certificates are not checked and connections are prone to man-in-the-middle attacks.
CVE-2017-18227 1 Titanhq 1 Webtitan Gateway 2024-02-28 5.0 MEDIUM 7.5 HIGH
TitanHQ WebTitan Gateway has incorrect certificate validation for the TLS interception feature.
CVE-2018-0591 1 T-joy 1 Kinepass 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS Ver 3.1.2 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2017-9595 1 Fsbbigfork 1 First State Bank Of Bigfork Mobile Banking 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
The "First State Bank of Bigfork Mobile Banking" by First State Bank of Bigfork app 4.0.3 -- aka first-state-bank-of-bigfork-mobile-banking/id1133969876 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2017-9581 1 Meafinancial 1 Algonquin State Bank Mobile Banking 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
The "Algonquin State Bank Mobile Banking" by Algonquin State Bank app 3.0.0 -- aka algonquin-state-bank-mobile-banking/id1089657735 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2017-9578 1 Rivervalleycommunitybank 1 Rvcb Mobile 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
The "RVCB Mobile" by RVCB Mobile Banking app 3.0.0 -- aka rvcb-mobile/id757928895 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2017-17718 1 Net-ldap Project 1 Net-ldap 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation.
CVE-2017-9584 1 Heritagebankozarks 1 Hbo Mobile Banking 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
The "HBO Mobile Banking" by Heritage Bank of Ozarks app 3.0.0 -- aka hbo-mobile-banking/id860224933 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2017-9587 1 Meafinancial 1 Pcsb Bank Mobile 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
The "PCSB BANK Mobile" by PCSB Bank app 3.0.4 -- aka pcsb-bank-mobile/id1067472090 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2017-7932 1 Nxp 60 I.mx 28, I.mx 28 Firmware, I.mx 50 and 57 more 2024-02-28 4.4 MEDIUM 6.0 MEDIUM
An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image.
CVE-2017-9560 1 Cayugalakenationalbank 1 Cayuga Lake National Bank 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
The cayuga-lake-national-bank/id1151601539 app 4.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.