Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,397 vulnerabilities with CWE-295

CVE-2022-45856 MEDIUM

FortiClient 5.0-7.2.1, 6.4-7.2.5, 6.4-7.0.8, 2.0-7.0.7 - Unauthenticated MitM via SAML SSO

CVE-2022-32509 HIGH

Nuki Home Solutions <3.3.5-2.13.2 - Info Disclosure

CVE-2022-3761 MEDIUM

OpenVPN Connect < 3.4.0.4506 (macOS) and < 3.4.0.3100 (Windows) - Improper Certificate Validation

CVE-2022-43892 LOW

IBM Security Verify Privilege On-Premises <11.5 - Info Disclosure

CVE-2022-22380 MEDIUM

IBM Security Verify Privilege On-Premises <11.5 - Spoofing

CVE-2022-22305 MEDIUM

FortiManager <7.0.1, FortiAnalyzer <7.0.2, FortiOS <6.4, FortiSandb...

CVE-2022-45458 HIGH

Acronis Agent < 29633 & Cyber Protect 15 < 30984 - Info Disclosure & Manipulation via Cert Validation

CVE-2022-45457 HIGH

Acronis Agent < 29633 & Cyber Protect 15 < 30984 - Sensitive Info Disclosure via Improper Cert Validation

CVE-2022-39161 MEDIUM

IBM WebSphere Application Server 7.0-9.0 & Liberty - Authenticated Spoofing via Improper Certificate Validation

CVE-2022-35898 CRITICAL

OpenText BizManager <16.6.0.1 - Privilege Escalation

CVE-2022-48186 MEDIUM

Lenovo Baiying < 1.1.4 - Improper Certificate Validation

CVE-2022-47758 CRITICAL

Nanoleaf Firmware <= 7.1.1 - Remote Code Execution via DNS Hijacking

CVE-2022-48437 MEDIUM

LibreSSL < 3.6.1 and OpenBSD < 7.2 - Improper Certificate Validation in x509_verify_ctx_add_chain

CVE-2022-27644 HIGH

NETGEAR Multiple Router Firmware - Improper Certificate Validation

CVE-2022-45597 CRITICAL

ComponentSpace SAML 4.4.0 - Improper Certificate Validation

CVE-2022-4895 HIGH

Hitachi Infrastructure Analytics Advisor <4.4.0 - Man in the Middle...

CVE-2022-39948 MEDIUM

FortiOS 6.0.0-7.0.7 and FortiProxy 1.2.0-2.0.8 - Unauthenticated Man-in-the-Middle via Improper Certificate Validation

CVE-2022-48308 MEDIUM

Palantir sls-logging - SSL/TLS Man-in-the-Middle

CVE-2022-48307 MEDIUM

Palantir Magritte-ftp - Man-in-the-Middle via TLS Hostname Validation Failure

CVE-2022-48306 MEDIUM

Palantir Gotham Chat IRC helper <30221005.210011.9242 - Man-in-the-...

CVE-2022-27890 MEDIUM

AtlasDB < 0.730.0 - Man-in-the-Middle via Improper TLS Certificate Hostname Validation

CVE-2022-34404 MEDIUM

Dell System Update < 2.0.1.0 - Improper Certificate Validation in Data Parser Module

CVE-2022-46496 MEDIUM

BTicino Door Entry HOMETOUCH for iOS <1.4.2 - Info Disclosure

CVE-2022-31733 CRITICAL

Cloud Foundry Diego 2.55.0-2.69.0 and CF Deployment 17.1-23.2.0 - Improper Certificate Validation

CVE-2022-3913 MEDIUM

Rapid7 Nexpose 6.6.82-6.6.177 - Improper Certificate Validation in Update Server

Previous Page 22 of 56 Next

Details

Vulnerabilities 1,397

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy