Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,397 vulnerabilities with CWE-295

CVE-2023-23901 MEDIUM

SkyBridge MB-A200 <01.00.05 - Info Disclosure

CVE-2023-24461 HIGH

BIG-IP Edge Client - Improper Certificate Validation

CVE-2023-31486 HIGH

HTTP::Tiny <0.083 - Info Disclosure

CVE-2023-31485 MEDIUM

GitLab::API::v4-0.26 - Info Disclosure

CVE-2023-31484 HIGH

CPAN.pm <2.35 - Info Disclosure

CVE-2023-26463 CRITICAL

strongSwan 5.9.8-5.9.9 - Remote Code Execution via EAP-TLS Client Certificate Handling

CVE-2023-30517 MEDIUM

Jenkins NeuVector Vulnerability Scanner < 1.22 - Improper Certificate Validation

CVE-2023-30516 MEDIUM

Jenkins Image Tag Parameter Plugin < 2.0 - Improper Certificate Validation

CVE-2023-22642 HIGH

FortiAnalyzer & FortiManager 6.4.8-6.4.10, 7.0.0-7.0.5, 7.2.0-7.2.1 - MITM via Improper Cert Validation

CVE-2023-23588 MEDIUM

SIMATIC IPC647D, IPC847D, IPC1047 Firmware - Improper Certificate Validation in Maxview Storage Manager

CVE-2023-28093 MEDIUM

Pega Synchronization Engine 3.1.1-3.1.29 - Improper Certificate Validation

CVE-2023-25392 MEDIUM

Allegro BigFlow < 1.6 - Improper Certificate Validation

CVE-2023-29000 MEDIUM

Nextcloud Desktop <3.7.0 - Info Disclosure

CVE-2023-0466 MEDIUM

OpenSSL 1.0.2-1.0.2zh - Improper Certificate Validation via X509_VERIFY_PARAM_add0_policy

CVE-2023-0465 MEDIUM

OpenSSL 1.0.2-1.0.2zh - Improper Certificate Validation via Policy Processing

CVE-2023-20963 HIGH KEV

Android - Local Privilege Escalation via WorkSource Parcel Mismatch

CVE-2023-0464 HIGH

OpenSSL 1.0.2-1.0.2zh - Denial of Service via Malicious X.509 Certificate Chain with Policy Constraints

CVE-2023-1055 MEDIUM

Red Hat Directory Server 11 and 12 - Sensitive Information Disclosure via UserPassword Attribute Misdirection

CVE-2023-22943 MEDIUM

Splunk AoB <4.1.2 & Splunk CloudConnect SDK <3.1.3 - Info Disclosure

CVE-2023-22367 MEDIUM

Ichiran App < 3.1.0 - Improper Certificate Validation

CVE-2023-23131 HIGH

Selfwealth iOS App 3.3.1 - Improper Certificate Validation

CVE-2023-0509 HIGH

pyload < 0.5.0b3.dev44 - Improper Certificate Validation

CVE-2023-23690 HIGH

Cloud Mobility for Dell EMC Storage <1.3.0.X - Improper Check for C...

CVE-2022-40620 HIGH

NETGEAR Orbi and Router Firmware - Remote Code Execution via FunJSQ Auto-Update TLS Certificate Validation Bypass

CVE-2022-20814 HIGH

Cisco TelePresence Video Communication Server - Improper Certificate Validation

Previous Page 21 of 56 Next

Details

Vulnerabilities 1,397

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy