Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,400 vulnerabilities with CWE-295

CVE-2020-36477 MEDIUM

Mbed TLS < 2.24.0 - Improper Certificate Validation via SubjectAltName Extension

CVE-2020-12681 HIGH

3xLogic Infinias eIDC32 <3.4.125 - Info Disclosure

CVE-2020-36425 MEDIUM

Arm Mbed TLS < 2.24.0 - Improper Certificate Validation via CRL RevocationDate Check

CVE-2020-15732 MEDIUM

Bitdefender Antivirus/Internet/Total Security <25.0.7.29 - Improper Certificate Validation

CVE-2020-28907 CRITICAL

Nagios Fusion < 4.1.8 - Improper Certificate Validation in Update Package Download

CVE-2020-36127 MEDIUM

PAXSTORE < 7.0.8_20200511171508 - Information Disclosure via PUK Signature Certificate Replacement

CVE-2020-7924 MEDIUM

MongoDB Database Tools <100.2.0, Mongomirror <0.6.0 - Improper Certificate Validation

CVE-2020-15260 MEDIUM

PJSIP < 2.10 - Improper Certificate Validation

CVE-2020-35662 HIGH

SaltStack Salt < 2015.8.10 - Improper Certificate Validation

CVE-2020-28972 MEDIUM

SaltStack Salt < 3002.5 - Improper Certificate Validation in VMware Authentication

CVE-2020-24393 MEDIUM

TweetStream 2.6.1 - Man-in-the-Middle

CVE-2020-24392 MEDIUM

voloko twitter-stream <0.1.10 - SSRF

CVE-2020-29457 MEDIUM

OPC UA .NET Standard Stack <1.4.363.107 - Privilege Escalation

CVE-2020-4791 MEDIUM

IBM Security Identity Governance and Intelligence 5.2.6 - Improper Certificate Validation

CVE-2020-5812 MEDIUM

Nessus AMI <8.12.0 - Info Disclosure

CVE-2020-35733 HIGH

Erlang/OTP < 23.2.2 - Improper Certificate Validation

CVE-2020-24025 MEDIUM

node-sass <4.14.1 - Info Disclosure

CVE-2020-25680 MEDIUM

JBCS httpd 2.4.37 SP3 - Improper Certificate Validation

CVE-2020-8289 HIGH

Backblaze <7.0.1.433-7.0.1.434 - RCE

CVE-2020-5684 MEDIUM

iSM client <V12.1 - Man-in-the-Middle

CVE-2020-29663 CRITICAL

Icinga 2 <2.11.7, <2.12.2 - Info Disclosure

CVE-2020-8286 HIGH

libcurl 7.41.0-7.73.0 - Improper Certificate Validation via OCSP Response

CVE-2020-29440 MEDIUM

Tesla Model X Firmware < 2020-11-23 - Improper Certificate Validation in Key Fob Pairing

CVE-2020-28942 MEDIUM

PrimeKey EJBCA < 7.4.3 - Certificate Validation Bypass via EST Enrollment

CVE-2020-8279 HIGH

Nextcloud Social < 0.4.0 - Info Disclosure

Previous Page 32 of 56 Next

Details

Vulnerabilities 1,400

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy