Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,400 vulnerabilities with CWE-295

CVE-2020-24613 MEDIUM

wolfSSL <4.5.0 - Privilege Escalation

CVE-2020-17366 HIGH

NLnet Labs Routinator <0.7.1 - Auth Bypass/DoS

CVE-2020-15134 HIGH

Faye < 1.4.0 - Missing TLS Certificate Validation

CVE-2020-15133 HIGH

Faye-websocket <0.11.0 - SSL/TLS Info Disclosure

CVE-2020-16164 HIGH

RIPE NCC RPKI Validator 3.x < 3.1-2020.07.06.14.28 - Improper Certificate Validation

CVE-2020-16163 CRITICAL

RIPE NCC RPKI Validator 3.x < 3.1-2020.07.06.14.28 - Improper Certificate Validation

CVE-2020-16162 HIGH

RIPE NCC RPKI Validator 3.x < 3.1-2020.07.06.14.28 - Improper Certificate Validation

CVE-2020-10925 HIGH

NETGEAR R6700 V1.0.4.84_10.0.58 - Info Disclosure

CVE-2020-6529 MEDIUM

Google Chrome < 84.0.4147.89 - Cross-Origin Data Leak via WebRTC

CVE-2020-15813 HIGH

Graylog < 3.3.3 - Improper Certificate Validation for LDAP Servers

CVE-2020-14039 MEDIUM

GO < 1.13.13 - Improper Certificate Validation

CVE-2020-15720 MEDIUM

Dogtagpki < 10.8.3 - Improper Certificate Validation

CVE-2020-15719 MEDIUM

OpenLDAP < 2.4.46-10.el8 - Improper Certificate Validation

CVE-2020-15526 MEDIUM

Redgate SQL Monitor 7.1.4-10.1.6 - Improper Certificate Validation in Alert Notifications and VMware Monitoring

CVE-2020-12421 MEDIUM

Firefox ESR < 68.10 - Info Disclosure

CVE-2020-5909 MEDIUM

NGINX Controller <3.5.0, <2.9.0, <1.0.1 - Info Disclosure

CVE-2020-15047 MEDIUM

Trojita < 0.8 - Improper Certificate Validation in MSA/SMTP.cpp

CVE-2020-5367 HIGH

Dell EMC Unisphere for PowerMax < 9.1.0.17 - Unauthenticated Man-in-the-Middle via Improper Certificate Validation

CVE-2020-14981 MEDIUM

ThreatTrack VIPRE Password Vault <1.100.1090 - Info Disclosure

CVE-2020-14980 MEDIUM

Sophos Secure Email <3.9.4 - Info Disclosure

CVE-2020-3342 HIGH

Cisco Webex Meetings Desktop App for Mac - RCE

CVE-2020-4320 MEDIUM

IBM MQ 8.0.0.0-8.0.0.14, 9.0.0.0-9.0.0.9, 9.1.0-9.1.4 - Improper Certificate Validation in AMQP Channels

CVE-2020-2033 MEDIUM

GlobalProtect 5.0.0-5.0.9 - Authentication Bypass via ARP Spoofing

CVE-2020-0119 MEDIUM

Android 10 - Man-in-the-Middle Attack via Improper Certificate Validation in WifiConfigManager

CVE-2020-9040 HIGH

Couchbase Server Java SDK 1.7.1-2.7.1 - Improper Certificate Validation in Netty Component

Previous Page 34 of 56 Next

Details

Vulnerabilities 1,400

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy