Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,395 vulnerabilities with CWE-295

CVE-2025-54607 HIGH

HarmonyOS - Improper Certificate Validation in ArkWeb Module

CVE-2025-44964 LOW

BlueStacks v5.20 - Man-in-the-Middle via SSL Certificate Validation Bypass

CVE-2025-8476 HIGH

Alpine iLX-507 Firmware - Unauthenticated Arbitrary Code Execution via TIDAL Certificate Validation Bypass

CVE-2025-6037 MEDIUM

HashiCorp Vault < 1.20.1, 1.19.7, 1.18.12, 1.16.23 - Improper Certificate Validation in TLS Certificate Auth Method

CVE-2025-36005 MEDIUM

IBM MQ Operator 2.0.0-2.0.29, 3.2.0-3.2.13, 3.5.1 - Improper Certificate Validation

CVE-2025-7395 CRITICAL

wolfSSL 5.6.4-5.8.0 - Improper Certificate Validation via WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION

CVE-2025-30024 MEDIUM

Axis Device Manager <= 5.32.137 - Man-in-the-Middle Attack

CVE-2025-46788 HIGH

Zoom Workplace for Linux <6.4.13 - Info Disclosure

CVE-2025-32989 MEDIUM

GnuTLS - Heap-Buffer-Overread in Certificate Transparency SCT Extension Parsing

CVE-2025-35983 MEDIUM

Controller 7000 <9.30.250624a - Privilege Escalation

CVE-2025-48802 MEDIUM

Microsoft Windows SMB - Certificate Validation Spoofing

CVE-2025-7095 LOW

Comodo Internet Security Premium 12.3.4.8162 - Improper Certificate Validation in Update Handler

CVE-2025-34066 HIGH

AVTECH - Improper Certificate Validation

CVE-2025-29331 CRITICAL

Mhsanaei 3x-ui < 2.5.3 - Improper Certificate Validation

CVE-2025-6032 HIGH

Podman - Improper Certificate Validation in podman machine init

CVE-2025-6433 CRITICAL

Firefox < 140.0 - Improper Certificate Validation via WebAuthn Challenge

CVE-2025-39205 MEDIUM

MicroSCADA X SYS600 10.3-10.7 - Improper Certificate Validation in IEC 61850 TLS Protocol

CVE-2025-52919 MEDIUM

Yealink RPS <2025-05-26 - Info Disclosure

CVE-2025-32878 CRITICAL

COROS PACE 3 Firmware < 3.0808.0 - Improper Certificate Validation in HTTPS Communication

CVE-2025-36041 MEDIUM

IBM MQ Operator 2.0.0-2.0.29, 3.1.0-3.1.3, 3.2.0-3.2.12 - Improper Certificate Validation in Native HA CRR

CVE-2025-24471 MEDIUM

Fortinet Fortisase < 7.4.8 - Improper Certificate Validation

CVE-2025-33031 HIGH

File Station 5 <5.5.6.4847 - Info Disclosure

CVE-2025-30279 HIGH

File Station 5 <5.5.6.4847 - Improper Certificate Validation

CVE-2025-29885 HIGH

File Station 5 <5.5.6.4791 - Improper Certificate Validation

CVE-2025-29884 HIGH

File Station 5 <5.5.6.4791 - Info Disclosure

Previous Page 10 of 56 Next

Details

Vulnerabilities 1,395

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy