Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,397 vulnerabilities with CWE-295

CVE-2023-46724 HIGH

Squid 3.3.0.1-5.9 and < 6.4 - Denial of Service via Crafted SSL Certificate in TLS Handshake

CVE-2023-42425 CRITICAL

Turing Edge+ EVC5FD Firmware 1.38.6 - Remote Code Execution and Information Disclosure via Cloud Connection

CVE-2023-21358 HIGH

Android - Local Privilege Escalation via UWB Crypto Masquerade

CVE-2023-31421 MEDIUM

Beats/Elastic Agent/APM Server/Fleet Server - SSL Validation

CVE-2023-31580 MEDIUM

light-oauth2 < 2.1.27 - Improper Certificate Validation

CVE-2023-5422 HIGH

OTRS 6.0.0-6.0.34 and 7.0.0-7.0.46 - Improper Certificate Validation in Email Fetching and Sending

CVE-2023-4499 HIGH

HP ThinUpdate < 2.7.15 - Improper Certificate Validation

CVE-2023-5554 MEDIUM

LINE < 13.16.0 - Improper Certificate Validation in Financial Module Log Transmission

CVE-2023-45613 MEDIUM

JetBrains Ktor < 2.3.5 - Improper Certificate Validation

CVE-2023-4586 HIGH

Red Hat Data Grid Hot Rod Client - Improper Certificate Validation

CVE-2023-2422 MEDIUM

Keycloak < 21.1.2 - Improper Certificate Validation

CVE-2023-41991 MEDIUM KEV

iPadOS < 16.7 and iPhone OS < 16.7 - Certificate Validation Bypass

CVE-2023-38356 HIGH

MiniTool Power Data Recovery 11.6 - RCE

CVE-2023-38355 HIGH

MiniTool Movie Maker 7.0 - Remote Code Execution via Man-in-the-Middle Attack

CVE-2023-38354 HIGH

MiniTool ShadowMaker 4.1 - Remote Code Execution via Man-in-the-Middle Attack

CVE-2023-38353 MEDIUM

MiniTool Power Data Recovery <11.6 - Info Disclosure

CVE-2023-38352 HIGH

MiniTool Partition Wizard 12.8 - RCE

CVE-2023-38351 HIGH

MiniTool Partition Wizard 12.8 - RCE

CVE-2023-4801 HIGH

ITM Agent for MacOS <7.14.3.69 - Info Disclosure

CVE-2023-35845 MEDIUM

Anaconda3 2023.03-1-Linux - TLS Certificate Validation Disruption via World-Writable cacert.pem

CVE-2023-30729 HIGH

Samsung Email < 6.1.82.0 - Improper Certificate Validation

CVE-2023-41180 MEDIUM

Apache NiFi MiNiFi C++ <0.15 - Certificate Validation

CVE-2023-39441 MEDIUM

Apache Airflow < 2.7.0 - Improper Certificate Validation

CVE-2023-1409 MEDIUM

MongoDB Server <6.3, 5.0.0-5.0.14, 4.4 - Info Disclosure

CVE-2023-21265 HIGH

Android - Improper Certificate Validation

Previous Page 19 of 56 Next

Details

Vulnerabilities 1,397

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy