Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,400 vulnerabilities with CWE-295

CVE-2021-20732 MEDIUM

ATOM <1.8.1-1.8.2 - Info Disclosure

CVE-2021-21559 HIGH

Dell EMC NetWorker 18.x-19.4.0.1 - Unauthenticated Man-in-the-Middle via Improper Certificate Validation

CVE-2021-22218 LOW

GitLab 12.8-13.10.4, 13.11-13.11.4, 13.12-13.12.1 - Improper Certificate Validation

CVE-2021-29504 CRITICAL

WP-CLI 0.12.0-2.4.9 - Improper Certificate Validation in HTTP Request Handler

CVE-2021-24012 MEDIUM

FortiOS 6.4.0-6.4.4 - Improper Certificate Validation in LDAP SSLVPN Authentication

CVE-2021-22909 HIGH

EdgeMAX EdgeRouter Firmware < 2.0.9 - Improper Certificate Validation

CVE-2021-22138 LOW

Logstash 6.4.0-6.8.14 - Improper Certificate Validation in Monitoring Feature

CVE-2021-32919 HIGH

prosody 0.10.0-0.11.8 - Improper Certificate Validation in mod_dialback

CVE-2021-29495 MEDIUM

Nim < 1.4.2 - Improper Certificate Validation in HTTP Client

CVE-2021-20695 HIGH

DAP-1880AC <1.21 - Privilege Escalation

CVE-2021-31597 CRITICAL

xmlhttprequest-ssl < 1.6.1 - Improper Certificate Validation

CVE-2021-29653 HIGH

HashiCorp Vault 1.5.1-1.5.7 - Improper Certificate Validation in PKI Engine CRL Generation

CVE-2021-27400 HIGH

HashiCorp Vault <1.6.4, <1.7.1 - Info Disclosure

CVE-2021-20989 MEDIUM

Fibaro Home Center 2 & Lite <4.600 - SSRF

CVE-2021-3460 HIGH

Motorola MH702x Firmware < 2.0.0.301 - Improper Certificate Validation

CVE-2021-22511 MEDIUM

Micro Focus Application Automation Tools Plugin < 6.7 - Improper Certificate Validation

CVE-2021-27899 HIGH

Proofpoint Insider Threat Management < 7.11.1 - Improper Certificate Validation

CVE-2021-21374 HIGH

Nim <1.2.10 and 1.4.4 - Code Execution via Nimble Package List Man-in-the-Middle

CVE-2021-21373 HIGH

Nim < 1.2.10 - Improper Certificate Validation via Nimble Refresh Fallback

CVE-2021-3450 HIGH

OpenSSL 1.1.1h-1.1.1j - Certificate Chain Validation Bypass via X509_V_FLAG_X509_STRICT

CVE-2021-21385 HIGH

Mifos-Mobile <e505f62 - SSL/TLS Info Disclosure

CVE-2021-1471 CRITICAL

Cisco Jabber < 12.1.5, < 12.8.7, < 12.9.0 - Privilege Escalation and Information Disclosure

CVE-2021-28363 MEDIUM

urllib3 1.26.0-1.26.3 - Improper Certificate Validation in HTTPS Proxy Connections

CVE-2021-27257 MEDIUM

NETGEAR R7800 <1.0.2.76 - Info Disclosure

CVE-2021-27098 HIGH

SPIRE 0.8.1-0.12.0 - Improper Certificate Validation in Legacy Node API

Previous Page 30 of 56 Next

Details

Vulnerabilities 1,400

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy