Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,397 vulnerabilities with CWE-295

CVE-2022-45100 HIGH

Dell PowerScale OneFS 9.1.0.0-9.1.0.25 - Unauthenticated Improper Certificate Validation

CVE-2022-32748 HIGH

EcoStruxure Cybersecurity Admin Expert < 2.4 - Improper Certificate Validation

CVE-2022-42979 HIGH

RYDE 5.8.43 - Account Takeover via Deep Link Hostname Validation Bypass

CVE-2022-45197 HIGH

slixmpp < 1.8.3 - Improper Certificate Validation in XMLStream

CVE-2022-45419 MEDIUM

Firefox < 107.0 - Improper Certificate Validation via Deleted Security Exception

CVE-2022-34469 HIGH

Firefox for Android < 102.0 - Improper Certificate Validation

CVE-2022-22747 MEDIUM

Firefox < 96.0 and Firefox ESR < 91.5 - Denial of Service via Empty PKCS7 Sequence

CVE-2022-1834 MEDIUM

Thunderbird < 91.10 - Improper Certificate Validation via Braille Pattern Blank Character

CVE-2022-1197 MEDIUM

Thunderbird < 91.8 - Improper Certificate Validation

CVE-2022-32531 MEDIUM

Apache Bookkeeper < 4.14.6 - Improper Certificate Validation

CVE-2022-46153 HIGH

Traefik < 2.9.6 - Improper Certificate Validation in TLSOption Configuration

CVE-2022-43705 CRITICAL

Botan 1.11.34-2.19.2 - Improper Certificate Validation in OCSP Response Verification

CVE-2022-39334 LOW

Nextcloud Desktop < 3.6.1 - Improper Certificate Validation in nextcloudcmd CLI

CVE-2022-45391 HIGH

Jenkins NS-ND Integration Performance Publisher Plugin < 4.8.0.146 - Improper Certificate Validation

CVE-2022-38666 HIGH

Jenkins NS-ND Integration Performance Publisher Plugin <4.8.0.146 -...

CVE-2022-42131 MEDIUM

Liferay Digital Experience Platform - Missing SSL Certificate Validation in Dynamic Data Mapping REST Data Providers

CVE-2022-20960 HIGH

Cisco Email Security Appliance < 14.2.1-015 - Unauthenticated Denial of Service via TLS Connection Flood

CVE-2022-33684 HIGH

Apache Pulsar C++ Client - Man-in-the-Middle

CVE-2022-42813 CRITICAL

iPadOS < 16.0 - Improper Certificate Validation in WKWebView

CVE-2022-41316 MEDIUM

HashiCorp Vault <1.12.0-1.9.10 - Info Disclosure

CVE-2022-40147 HIGH

Industrial Edge Management < 1.5.1 - Improper Certificate Validation

CVE-2022-41747 HIGH

Trend Micro Apex One - Code Injection

CVE-2022-39264 HIGH

nheko < 0.10.2 - Improper Certificate Validation

CVE-2022-34394 LOW

Dell SmartFabric OS10 10.5.3.4 - Unauthenticated Improper Certificate Validation in Support Assist

CVE-2022-33683 MEDIUM

Apache Pulsar <=2.6.4, 2.7.0-2.7.4, 2.8.0-2.8.3, 2.9.0-2.9.2, 2.10.0 - Improper Certificate Validation

Previous Page 23 of 56 Next

Details

Vulnerabilities 1,397

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy