Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-599
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-56232 2025-11-06 N/A 6.8 MEDIUM
GOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the local network, DNS, or a proxy can perform a man-in-the-middle (MitM) attack to intercept update requests and replace installer or update packages with malicious files.
CVE-2025-56230 2025-11-06 N/A 7.5 HIGH
Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component.
CVE-2025-12553 2025-11-04 N/A N/A
Email Server Certificate Verification Disabled.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVE-2025-56146 2025-10-28 N/A 5.3 MEDIUM
Indian Bank IndSMART Android App 3.8.1 is vulnerable to Missing SSL Certificate Validation in NuWebViewActivity.
CVE-2024-36755 1 Dlink 2 Dir-1950, Dir-1950 Firmware 2025-07-09 N/A 6.8 MEDIUM
D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL. This can allow attackers to downgrade the firmware version or change the downloading URL via a man-in-the-middle attack.
CVE-2023-48052 1 Httpie 1 Httpie 2024-11-21 N/A 7.4 HIGH
Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.
CVE-2024-40464 1 Beego 1 Beego 2024-08-15 N/A 8.8 HIGH
An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smtp.go file
CVE-2024-41265 2024-08-02 N/A 7.5 HIGH
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function.
CVE-2024-41253 2024-08-01 N/A 7.1 HIGH
goframe v2.7.2 is configured to skip TLS certificate verification, possibly allowing attackers to execute a man-in-the-middle attack via the gclient component.