Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue is fixed in Icinga 2 v2.11.8 and v2.12.3.
A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.
The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation.
The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation.
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. The X.509 certificate validation can be skipped for a TLS-based e-mail server.
A potential vulnerability has been identified in HP Remote Graphics Software’s certificate authentication process version 7.5.0 and earlier.
The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the downloa...