Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,400 vulnerabilities with CWE-295

CVE-2022-32153 HIGH

Splunk Enterprise <9.0-8.2.2203 - Privilege Escalation

CVE-2022-32152 HIGH

Splunk Enterprise < 9.0 & Splunk Cloud Platform < 8.2.2203 - Improper Certificate Validation

CVE-2022-32151 HIGH

Splunk < 9.0 and Splunk Cloud Platform < 8.2.2203 - Improper Certificate Validation

CVE-2022-29482 LOW

Mobaoku-Auction&Flea Market < 5.5.16 - Improper Certificate Validation

CVE-2022-32563 CRITICAL

Couchbase Sync Gateway 3.0.0-3.0.1 - Unauthenticated Privilege Escalation via X.509 Certificate Authentication Bypass

CVE-2022-26493 CRITICAL

miniOrange Premium-Enterprise Drupal SAML SP - Auth Bypass

CVE-2022-27782 HIGH

curl < 7.83.1 - Improper Certificate Validation

CVE-2022-26491 MEDIUM

Pidgin < 2.14.9 - Improper Certificate Validation via DNS Spoofing

CVE-2022-26766 MEDIUM

tvOS <15.5-iOS <15.5- iPadOS <15.5 - Signature Validation Bypass

CVE-2022-29082 LOW

Dell EMC NetWorker <19.6 - SSL/TLS Impersonation

CVE-2022-22306 MEDIUM

FortiOS 6.0.0-6.0.14, 6.2.0-6.2.10, 6.4.0-6.4.8, 7.0.0 - MITM via Improper Certificate Validation

CVE-2022-29222 MEDIUM

Pion DTLS < 2.1.5 - Improper Certificate Validation

CVE-2022-22787 MEDIUM

Zoom Meetings < 5.10.0 - Improper Certificate Validation

CVE-2022-26923 HIGH KEV

Active Directory Certificate Services (ADCS) privilege escalation (Certifried)

CVE-2022-24901 HIGH

parse-server < 4.10.10 - Improper Certificate Validation in Apple Game Center Authentication

CVE-2022-1343 MEDIUM

OpenSSL 3.0.0-3.0.2 - Improper Certificate Validation in OCSP_basic_verify

CVE-2022-27536 HIGH

GO < 1.18.1 - Improper Certificate Validation

CVE-2022-22549 HIGH

Dell PowerScale OneFS - Improper Certificate Validation

CVE-2022-20081 MEDIUM

Android - Man-in-the-Middle Attack via Improper Certificate Validation in A-GPS

CVE-2022-20071 MEDIUM

Android - Privilege Escalation via Missing Certificate Validation

CVE-2022-28352 MEDIUM

WeeChat 3.2-3.4 - Improper Certificate Validation via GnuTLS Option Change

CVE-2022-28142 HIGH

Jenkins Proxmox Plugin < 0.6.0 - SSL/TLS Certificate Validation Disabled

CVE-2022-0123 MEDIUM

GitLab <14.4.5, 14.5.0-14.5.3, 14.6.0-14.6.1 - Info Disclosure

CVE-2022-0759 HIGH

kubeclient < 4.9.3 - Improper Certificate Validation in Kubeconfig Parser

CVE-2022-27820 MEDIUM

OWASP Zed Attack Proxy < w2022-03-21 - Improper Certificate Validation

Previous Page 25 of 56 Next

Details

Vulnerabilities 1,400

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy