Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,397 vulnerabilities with CWE-295

CVE-2023-40256 CRITICAL

Veritas NetBackup Snapshot Manager < 10.2.0.1 - Improper Certificate Validation in RabbitMQ Service

CVE-2023-38686 CRITICAL

Sydent < 2.5.6 - Improper Certificate Validation in SMTP TLS

CVE-2023-34143 MEDIUM

Hitachi Device Manager <8.8.5-02 - Man in the Middle

CVE-2023-3724 CRITICAL

wolfssl < 5.6.2 - Predictable IKM Value in TLS 1.3 Session Key Generation

CVE-2023-3615 HIGH

Mattermost iOS - SSL/TLS Info Disclosure

CVE-2023-38325 HIGH

Cryptography <41.0.2 - Info Disclosure

CVE-2023-31190 HIGH

DroneScout DS230 Firmware 20211210-1627-20230329-1042 - Improper Certificate Validation in Firmware Update Procedure

CVE-2023-23546 MEDIUM

Milesight UR32L v32.3.0.5 - Improper Certificate Validation in urvpn_client

CVE-2023-33201 MEDIUM

Bouncy Castle For Java <1.74 - LDAP Injection

CVE-2023-32464 LOW

Dell VxRail 7.0.0-7.0.449 - Improper Certificate Validation

CVE-2023-34414 LOW

Firefox < 114.0 and Firefox ESR < 102.12 - Improper Certificate Validation via Clickjacking Bypass

CVE-2023-30222 HIGH

4D Server v17 v18 v19 R7 and earlier - Information Disclosure via Password Hash Eavesdropping

CVE-2023-35142 HIGH

Jenkins Checkmarx Plugin < 2023.4.3 - Improper Certificate Validation

CVE-2023-29501 MEDIUM

Jiyu Kukan Toku-Toku Coupon App < 3.5.0 - Improper Certificate Validation

CVE-2023-29175 MEDIUM

FortiOS and FortiProxy - Man-in-the-Middle via Improper FortiGuard Certificate Validation

CVE-2023-34410 MEDIUM

Debian Linux < 5.15.15 - Improper Certificate Validation

CVE-2023-0547 MEDIUM

Thunderbird 68.0-102.9.1 - Improper Certificate Validation in S/MIME Encrypted Email

CVE-2023-0430 MEDIUM

Thunderbird 68.0-102.7.0 - Improper Certificate Validation for S/MIME Signatures

CVE-2023-24568 MEDIUM

Dell NetWorker - SSL/TLS Validation Bypass

CVE-2023-28321 MEDIUM

curl < 8.1.0 - Improper Certificate Validation via Wildcard Pattern Matching

CVE-2023-1664 MEDIUM

Keycloak - Auth Bypass

CVE-2023-20881 HIGH

Cloud Foundry CAPI 1.140-1.152.0 & Loggregator-Agent 7.0-7.2.1 - Improper Certificate Validation in Syslog Drain MTLS

CVE-2023-32994 LOW

Jenkins SAML Single Sign On Plugin < 2.1.0 - Improper Certificate Validation

CVE-2023-27823 CRITICAL

Optoma 1080PSTX C02 - Unauthenticated Authentication Bypass

CVE-2023-31151 MEDIUM

SEL RTAC Web Interface - Man-in-the-Middle via Certificate Validation

Previous Page 20 of 56 Next

Details

Vulnerabilities 1,397

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy