Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,400 vulnerabilities with CWE-295

CVE-2020-28362 HIGH

GO < 1.14.12 - Improper Certificate Validation

CVE-2020-27589 HIGH

Synopsys hub-rest-api-python <0.0.53 - Info Disclosure

CVE-2020-27649 HIGH

Synology Router Manager <1.2.4-8081 - Info Disclosure

CVE-2020-27648 HIGH

Synology DSM <6.2.3-25426-2 - Info Disclosure

CVE-2020-9868 CRITICAL

iPadOS < 13.6 - Improper Certificate Validation

CVE-2020-3557 MEDIUM

Cisco Secure Firewall Management Center < 6.6.1 - Unauthenticated Denial of Service via Host Input API Daemon

CVE-2020-3994 HIGH

VMware vCenter Server 6.7 < 6.7u3 and 6.5 < 6.5u3k - Session Hijack via Update Repository Certificate Validation Bypass

CVE-2020-1675 HIGH

Juniper Networks Mist Cloud UI <September 2 2020 - Info Disclosure

CVE-2020-13955 MEDIUM

Apache Calcite < 1.26 - Improper Certificate Validation in HttpUtils#getURLConnection

CVE-2020-26117 HIGH

TigerVNC < 1.11.0 - Improper Certificate Validation

CVE-2020-24560 HIGH

Trend Micro Security 2019 (v15) - SSL Validation

CVE-2020-15604 HIGH

Trend Micro Security 2019 < 15.0 - Improper Certificate Validation

CVE-2020-4340 MEDIUM

IBM Security Secret Server < 10.9 - SSL Security Bypass via Improper Certificate Validation

CVE-2020-24619 MEDIUM

Shotcut <20.09.13 - Info Disclosure

CVE-2020-6781 MEDIUM

Bosch Smart Home System App for iOS < 9.17.1 - Improper Certificate Validation

CVE-2020-2253 MEDIUM

Jenkins Email Extension Plugin <2.75 - Info Disclosure

CVE-2020-2252 MEDIUM

Jenkins Mailer Plugin <1.32 - Info Disclosure

CVE-2020-25276 HIGH

PrimeKey EJBCA 6.x-7.x < 7.4.1 - Improper Certificate Validation in EST Client Certificate Revocation Check

CVE-2020-11617 MEDIUM

THOMSON THT741FTA and Philips DTR3502BFTA DVB-T2 Firmware 2.2.1 - Improper Certificate Validation in RSS Application

CVE-2020-24715 CRITICAL

Scalyr Agent < 2.1.10 - Missing SSL Certificate Validation

CVE-2020-24714 CRITICAL

Scalyr Agent < 2.1.10 - Missing SSL Certificate Validation via OpenSSL Binary

CVE-2020-24661 MEDIUM

GNOME Geary <3.36.3 - Info Disclosure

CVE-2020-5913 HIGH

BIG-IP <15.1.3.4 - Info Disclosure

CVE-2020-15498 MEDIUM

ASUS RT-AC1900P Firmware < 3.0.0.4.385.20253 - Improper Certificate Validation via wget --no-check-certificate Option

CVE-2020-16197 MEDIUM

Octopus Server - Improper Certificate Validation

Previous Page 33 of 56 Next

Details

Vulnerabilities 1,400

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy