Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,397 vulnerabilities with CWE-295

CVE-2024-20080 CRITICAL

Gnss Service - Privilege Escalation

CVE-2024-25053 MEDIUM

IBM Cognos Analytics <12.0.2 - Improper Certificate Validation

CVE-2024-5261 CRITICAL

LibreOffice < 24.2.4 - Improper Certificate Validation in LibreOfficeKit Mode

CVE-2024-28021 HIGH

FOXMAN-UN/UNEM - Improper Certificate Validation in Message Queueing Mechanism

CVE-2024-35140 HIGH

IBM Security Verify Access Docker 10.0.0-10.0.6 - Privilege Escalation via Improper Certificate Validation

CVE-2024-29072 HIGH

Foxit PDF Editor < 11.2.9.53938 & PDF Reader < 2024.2.1.25153 Privilege Escalation

CVE-2024-31340 MEDIUM

TP-Link Tether <4.5.13 & Tapo <3.3.6 - Info Disclosure

CVE-2024-35299 MEDIUM

JetBrains YouTrack < 2024.1.29548 - Improper Certificate Validation in SMTPS Protocol

CVE-2024-30020 HIGH

Microsoft Windows Cryptographic Services - Remote Code Execution

CVE-2024-33612 MEDIUM

BIG-IP Next Central Manager 20.0.1-20.1.x - Improper Certificate Validation

CVE-2024-0042 HIGH

Google Android - Improper Certificate Validation

CVE-2024-4063 LOW

EZVIZ CS-C6-21WFR-8 5.2.7 Build 170628 - Improper Certificate Valid...

CVE-2024-4062 LOW

Hualai Xiaofang iSC5 3.2.2_112 - Improper Certificate Validation

CVE-2024-29733 LOW

Apache Airflow FTP Provider <3.7.0 - Certificate Validation

CVE-2024-3738 HIGH

nginxwebui < 4.2.4 - Improper Certificate Validation in handlePath Function

CVE-2024-31872 HIGH

IBM Security Verify Access Appliance <10.0.8 - SSRF

CVE-2024-31871 HIGH

IBM Security Verify Access Appliance <10.0.8 - SSRF

CVE-2024-29050 HIGH

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Remote Code Execution via Cryptographic Services

CVE-2024-27323 HIGH

PDF-XChange Editor - Remote Code Execution via Improper Certificate Validation in Updater

CVE-2024-29887 HIGH

Serverpod < 1.2.6 - Improper Certificate Validation in HTTP Client

CVE-2024-2379 MEDIUM

curl - Improper Certificate Validation in wolfSSL QUIC Connection

CVE-2024-27440 MEDIUM

Toyoko Inn <1.13.0-1.3.14 - Info Disclosure

CVE-2024-23273 MEDIUM

Safari < 17.4 - Unauthenticated Private Browsing Tab Access via Improper Certificate Validation

CVE-2024-1351 HIGH

MongoDB < 4.4.29, 5.0-5.0.24, 6.0-6.0.13, 7.0-7.0.5 - Improper Certificate Validation

CVE-2024-28162 MEDIUM

Jenkins Delphix Plugin 3.0.1-3.1.0 - Improper Certificate Validation in Data Control Tower Connections

Previous Page 16 of 56 Next

Details

Vulnerabilities 1,397

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy