Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,400 vulnerabilities with CWE-295

CVE-2019-19270 HIGH

ProFTPD <= 1.3.6b - Improper Certificate Validation in CRL Entry Check

CVE-2019-5102 MEDIUM

OpenWrt ustream-ssl <18.06.4,15.05.1 - Info Disclosure

CVE-2019-5101 MEDIUM

OpenWrt ustream-ssl <18.06.4,15.05.1 - Info Disclosure

CVE-2019-16209 HIGH

Brocade SANnav <2.0 - Man-in-the-Middle

CVE-2019-3685 HIGH

Open Build Service < 0.165.4 - Improper Certificate Validation in osc Client

CVE-2019-18633 CRITICAL

European Commission eIDAS-Node Integration Package <2.3.1 - Info Di...

CVE-2019-18632 CRITICAL

European Commission eIDAS-Node Integration Package <2.3.1 - Certifi...

CVE-2019-5538 MEDIUM

VMware vCenter Server 6.5-6.7 - Sensitive Information Disclosure via File-Based Backup and Restore

CVE-2019-5537 MEDIUM

VMware vCenter Server 6.5-6.7 - Sensitive Information Disclosure via FTPS/HTTPS Certificate Validation Bypass

CVE-2019-11674 MEDIUM

Micro Focus Self Service Password Reset <4.4.0.4 - Info Disclosure

CVE-2019-10446 HIGH

Jenkins Cadence vManager Plugin < 2.7.0 - SSL/TLS and Hostname Verification Disabled

CVE-2019-10444 MEDIUM

Jenkins Bumblebee HP ALM Plugin < 4.1.3 - Improper Certificate Validation

CVE-2019-14823 HIGH

JSS CryptoManager >4.4.6-4.6.0 - Privilege Escalation

CVE-2019-0054 MEDIUM

Juniper Junos OS 15.1X49 < D120 - Man-in-the-Middle via App-ID Signature Update Client

CVE-2019-5506 MEDIUM

NetApp Clustered Data ONTAP >=9.0 <9.6 - Improper Certificate Validation

CVE-2019-16263 HIGH

Twitter Kit framework <3.4.2 - Info Disclosure

CVE-2019-15042 HIGH

JetBrains TeamCity 2018.2.4 - Improper Certificate Validation

CVE-2019-1231 MEDIUM

Microsoft Project Rome - Information Disclosure via Improper SSL/TLS Certificate Validation

CVE-2019-11497 HIGH

Couchbase Server <5.0.0 - Info Disclosure

CVE-2019-16179 MEDIUM

Limesurvey <3.17.14 - Info Disclosure

CVE-2019-3751 MEDIUM

Dell EMC Enterprise Copy Data Management <=3.0 - Unauthenticated MITM via Certificate Validation Bypass

CVE-2019-15525 HIGH

pw3270 < 5.1 - Improper Certificate Validation

CVE-2019-1948 MEDIUM

Cisco Webex Meetings 11.3-39.5 - Unauthenticated Sensitive Data Exposure via Invalid SSL Certificate

CVE-2019-5280 MEDIUM

Huawei CloudLink Phone 7900 V600R019C10 - SSL/TLS Man-in-the-Middle

CVE-2019-14516 HIGH

mAadhaar 1.2.7 - Improper Certificate Validation

Previous Page 38 of 56 Next

Details

Vulnerabilities 1,400

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy