Total
1402 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-9160 | 2026-06-17 | N/A | N/A | ||
| In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered. | |||||
| CVE-2024-8287 | 1 Canonical | 1 Anbox Cloud | 2026-06-17 | N/A | 7.5 HIGH |
| Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent. An attacker must be able to machine-in-the-middle the Anbox Stream Agent from within an internal network before they can attempt to take advantage of this. | |||||
| CVE-2024-8285 | 1 Redhat | 1 Kroxylicious | 2026-06-17 | N/A | 5.9 MEDIUM |
| A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality. | |||||
| CVE-2024-8096 | 3 Debian, Haxx, Netapp | 15 Debian Linux, Curl, Active Iq Unified Manager and 12 more | 2026-06-17 | N/A | 6.5 MEDIUM |
| When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate. | |||||
| CVE-2024-8007 | 1 Redhat | 1 Openstack Platform | 2026-06-17 | N/A | 8.1 HIGH |
| A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a man-in-the-middle (MITM) attack. | |||||
| CVE-2024-7570 | 1 Ivanti | 1 Neurons For Itsm | 2026-06-17 | N/A | 8.3 HIGH |
| Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user. | |||||
| CVE-2024-7383 | 2026-06-17 | N/A | 7.4 HIGH | ||
| A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic. | |||||
| CVE-2024-7206 | 2026-06-17 | N/A | N/A | ||
| SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware | |||||
| CVE-2024-6472 | 1 Libreoffice | 1 Libreoffice | 2026-06-17 | N/A | 7.8 HIGH |
| Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5. | |||||
| CVE-2024-6219 | 1 Canonical | 1 Lxd | 2026-06-17 | N/A | 3.8 LOW |
| Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured. | |||||
| CVE-2024-6156 | 1 Canonical | 1 Lxd | 2026-06-17 | N/A | 3.8 LOW |
| Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store. | |||||
| CVE-2024-6001 | 2026-06-17 | N/A | 8.1 HIGH | ||
| An improper certificate validation vulnerability was reported in LADM that could allow a network attacker with the ability to redirect an update request to a remote server and execute code with elevated privileges. | |||||
| CVE-2024-5921 | 1 Paloaltonetworks | 1 Globalprotect | 2026-06-17 | N/A | 8.8 HIGH |
| An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint. Please subscribe to our RSS feed https://security.paloaltonetworks.com/rss.xml to be alerted to new updates to this and other advisories. | |||||
| CVE-2024-5918 | 1 Paloaltonetworks | 1 Pan-os | 2026-06-17 | N/A | 4.3 MEDIUM |
| An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is possible only if you "Allow Authentication with User Credentials OR Client Certificate." | |||||
| CVE-2024-5445 | 2026-06-17 | N/A | 3.8 LOW | ||
| Ecosystem Agent version 4 < 4.1.5.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not properly validate SSL/TLS certificates, which could allow a malicious actor to perform a Man-in-the-Middle and intercept traffic between the agent and N-able servers from a privileged network position. | |||||
| CVE-2024-5261 | 1 Libreoffice | 1 Libreoffice | 2026-06-17 | N/A | 9.8 CRITICAL |
| Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third party components to reuse LibreOffice as a library to convert, view or otherwise interact with documents. LibreOffice internally makes use of "curl" to fetch remote resources such as images hosted on webservers. In affected versions of LibreOffice, when used in LibreOfficeKit mode only, then curl's TLS certification verification was disabled (CURLOPT_SSL_VERIFYPEER of false) In the fixed versions curl operates in LibreOfficeKit mode the same as in standard mode with CURLOPT_SSL_VERIFYPEER of true. This issue affects LibreOffice before version 24.2.4. | |||||
| CVE-2024-56521 | 1 Tcpdf Project | 1 Tcpdf | 2026-06-17 | N/A | 9.8 CRITICAL |
| An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely. | |||||
| CVE-2024-55581 | 2 Adacore, Debian | 2 Ada Web Server, Debian Linux | 2026-06-17 | N/A | 7.4 HIGH |
| When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate (unless the using program specifies a TLS configuration). | |||||
| CVE-2024-54849 | 1 Cpplusworld | 2 Cp-vnr-3104, Cp-vnr-3104 Firmware | 2026-06-17 | N/A | 5.9 MEDIUM |
| An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private key and access sensitive data or execute a man-in-the-middle attack. | |||||
| CVE-2024-54848 | 1 Cpplusworld | 2 Cp-vnr-3104, Cp-vnr-3104 Firmware | 2026-06-17 | N/A | 7.4 HIGH |
| Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks. | |||||