Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,400 vulnerabilities with CWE-295

CVE-2021-22189 MEDIUM

GitLab < 13.6.7 - Improper Certificate Validation for Fortinet OTP

CVE-2021-3406 CRITICAL

keylime < 5.8.1 - Improper Certificate Validation

CVE-2021-20328 MEDIUM

MongoDB Java Driver 3.11.0-3.11.3, 4.0.0-4.0.6 - Improper Certificate Validation in CSFLE KMS Server Certificate

CVE-2021-20327 MEDIUM

mongodb-client-encryption 1.2.0 - Improper Certificate Validation

CVE-2021-20230 HIGH

stunnel < 5.57 - Improper Certificate Validation with redirect and verifyChain Options

CVE-2021-27189 MEDIUM

CIRA Canadian Shield < 4.0.13 - Improper Certificate Validation

CVE-2021-26911 HIGH

Canary Mail < 3.22 - Missing SSL Certificate Validation for IMAP in STARTTLS Mode

CVE-2021-20649 MEDIUM

ELECOM WRC-300FEBK-S - Code Injection

CVE-2021-0341 HIGH

Android 8.1-11 - Improper Certificate Validation in OkHostnameVerifier

CVE-2021-1354 MEDIUM

Cisco Unified Computing System Central Software < 2.0(1m) Authenticated Certificate Validation Bypass

CVE-2021-3336 HIGH

wolfssl < 4.7.0 - Improper Certificate Validation in TLS 1.3 Client

CVE-2021-3309 HIGH

Wekan < 4.87 - Improper Certificate Validation in LDAP Server

CVE-2021-3285 MEDIUM

TI Code Composer Studio IDE <10.1.1 - Info Disclosure

CVE-2021-1277 HIGH

Cisco Data Center Network Manager < 11.5(1) - Improper Certificate Validation

CVE-2021-1276 HIGH

Cisco Data Center Network Manager < 11.5(1) - Improper Certificate Validation

CVE-2021-3162 HIGH

Docker Desktop Community < 2.5.0.0 - Local Privilege Escalation via Certificate Validation Bypass

CVE-2020-29504 HIGH

Dell BSAFE <4.1.5-4.5.2 - Missing Required Cryptographic Step

CVE-2020-12614 HIGH

BeyondTrust Privilege Management for Windows <5.6 - Privilege Escal...

CVE-2020-36659 HIGH

Apache::Session::Browseable <1.3.6 - Info Disclosure

CVE-2020-36658 HIGH

Apache::Session::LDAP <0.5 - Info Disclosure

CVE-2020-35509 MEDIUM

Keycloak 11.0.3 and 12.0.0 - Improper Certificate Validation in Direct-Grant Authenticator

CVE-2020-16093 HIGH

lemonldap-ng < 2.0.8 - Improper Certificate Validation in LDAP Backend Connection

CVE-2020-26184 HIGH

Dell BSAFE Micro Edition Suite < 4.5.1 - Improper Certificate Validation

CVE-2020-4496 MEDIUM

IBM Spectrum Protect Plus 10.1.0-10.1.8 - Man-in-the-Middle via Improper Certificate Validation

CVE-2020-36478 HIGH

Mbed TLS < 2.25.0, < 2.16.9 LTS, < 2.7.18 LTS - Improper Certificate Validation

Previous Page 31 of 56 Next

Details

Vulnerabilities 1,400

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy