Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,397 vulnerabilities with CWE-295

CVE-2024-28161 MEDIUM

Jenkins Delphix Plugin 3.0.1 - Improper Certificate Validation

CVE-2024-2048 HIGH

Vault < 1.14.10 and 1.15.0-1.15.5 - Improper Certificate Validation in TLS Certificate Auth Method

CVE-2024-25141 CRITICAL

Mongo Hook <4.0.0 - Info Disclosure

CVE-2024-25642 HIGH

SAP Cloud Connector 2.0 - Improper Certificate Validation

CVE-2024-25140 CRITICAL

RustDesk 1.2.3 - Improper Certificate Validation via Trusted Root Certificate Installation

CVE-2024-1052 HIGH

Boundary 0.8.0-0.14.9 - Session Hijacking via TLS Certificate Tampering

CVE-2024-0853 MEDIUM

curl - Improper Certificate Validation via OCSP Stapling Bypass

CVE-2023-33861 MEDIUM

IBM QRadar EDR 3.12 - Trusted Entity Spoofing

CVE-2023-48785 MEDIUM

FortiNAC-F < 7.2.5 - Unauthenticated Man-in-the-Middle via Improper Certificate Validation

CVE-2023-38009 MEDIUM

IBM Cognos Mobile Client 1.1 iOS - Information Disclosure via Man-in-the-Middle Attack

CVE-2023-51634 HIGH

NETGEAR RAX30 Firmware < 1.0.12.100_hotfix - Unauthenticated Remote Code Execution via Improper Certificate Validation

CVE-2023-49570 HIGH

Bitdefender Total Security < 27.0.25.115 - Improper Certificate Validation in HTTPS Scanning

CVE-2023-6058 MEDIUM

Bitdefender Total Security < 27.0.25.115 - Improper Certificate Validation in Safepay HTTPS Handling

CVE-2023-6057 HIGH

Bitdefender Total Security - Info Disclosure

CVE-2023-6056 HIGH

Bitdefender Total Security - Info Disclosure

CVE-2023-6055 HIGH

Bitdefender Total Security < 27.0.25.115 - Improper Certificate Validation in HTTPS Scanning

CVE-2023-49567 MEDIUM

Bitdefender Total Security < 27.0.25.115 - Improper Certificate Validation via MD5 and SHA1 Collision Hash Functions

CVE-2023-50314 MEDIUM

IBM WebSphere Application Server Liberty 17.0.0.3-24.0.0.8 - Improper Certificate Validation

CVE-2023-50315 MEDIUM

IBM WebSphere Application Server 8.5 and 9.0 - Improper Certificate Validation

CVE-2023-50179 MEDIUM

FortiADC 7.0.0-7.4.0 - Unauthenticated Man-in-the-Middle via Improper Certificate Validation

CVE-2023-50178 HIGH

FortiADC 6.0-6.0.3, 6.1, 6.2, 7.0, 7.1, 7.2.0-7.2.3, 7.4.0 - MITM via Improper Certificate Validation

CVE-2023-35721 HIGH

NETGEAR RAX50 Firmware < 1.0.15.128 - Unauthenticated Remote Code Execution via Improper Certificate Validation

CVE-2023-50949 MEDIUM

IBM QRadar SIEM 7.5 - Improper Certificate Validation

CVE-2023-47742 MEDIUM

IBM Cloud Pak for Security 1.10.0.0-1.10.11.0 and QRadar Suite 1.10.12.0-1.10.18.0 - Improper Certificate Validation

CVE-2023-49250 HIGH

Apache DolphinScheduler <3.2.0 - SSRF

Previous Page 17 of 56 Next

Details

Vulnerabilities 1,397

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy