Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes it easier for remote SSL servers to bypass validation of the certificate chain via a revoked certifica...

vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from anyone who has a matching key (and certificate)

nuSOAP before 0.7.3-5 does not properly check the hostname of a cert.

An import error was introduced in Cumin in the code refactoring in r5310. Server certificate validation is always disabled when connecting to Aviary servers, even if the installed packages on a system...

Pulp before 2.3.0 uses the same the same certificate authority key and certificate for all installations.

wolfssl before 3.2.0 does not properly issue certificates for a server's hostname.