Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,400 vulnerabilities with CWE-295

CVE-2018-5408 HIGH

PrinterLogic Print Management <18.3.1.96 - Man-in-the-Middle

CVE-2018-20200 MEDIUM

OkHttp 3.0.0-3.12.0 - Certificate Pinning Bypass via SSLContext Manipulation

CVE-2018-4436 HIGH

iPhone OS < 12.1.1 - Improper Certificate Validation in Configuration Profiles

CVE-2018-5926 CRITICAL

HP Remote Graphics Software <7.5.0 - Info Disclosure

CVE-2018-6517 HIGH

chloride < 0.3.0 - Improper Certificate Validation via net-ssh Host Fingerprint Handling

CVE-2018-11747 CRITICAL

Puppet Discovery < 1.4.0 - Improper Certificate Validation

CVE-2018-12205 MEDIUM

Intel Platform Sample/Silicon Reference Firmware - Improper Certificate Validation

CVE-2018-20245 HIGH

Apache Airflow <1.10.1 - Info Disclosure

CVE-2018-15784 HIGH

Dell Networking OS10 < 10.4.3.0 - Improper Certificate Validation in Phone Home Feature

CVE-2018-16187 MEDIUM

Ricoh D2200 Firmware < 2.2 - Improper Certificate Validation

CVE-2018-16179 MEDIUM

Mizuho Direct App < 3.13.0 - Improper Certificate Validation

CVE-2018-1320 HIGH

Apache Thrift 0.5.0-0.11.0 - Improper Certificate Validation in SASL Negotiation

CVE-2018-4015 HIGH

Webroot BrightCloud SDK - Improper Certificate Validation in HTTP Client

CVE-2018-16875 MEDIUM

Go <1.10.6/1.11.x - DoS

CVE-2018-19982 MEDIUM

KT MC01507L Z-Wave S0 - Info Disclosure

CVE-2018-0691 MEDIUM

KDDI, NTT DOCOMO, and Softbank +Message Apps - Improper Certificate Validation

CVE-2018-17187 HIGH

Apache Qpid Proton-J 0.3-0.29.0 - Improper Certificate Validation in TLS Transport Wrapper

CVE-2018-17612 HIGH

Sennheiser HeadSetup <7.3.4903 - SSL/TLS Spoofing

CVE-2018-15326 HIGH

BIG-IP APM Improper Certificate Validation in CRLDP Auth Access Policy Agent

CVE-2018-18568 MEDIUM

Polycom Unified Communications Software < 5.8.0.12848 - Improper Certificate Validation

CVE-2018-18567 MEDIUM

AudioCodes 440HD and 450HD Firmware < 3.1.2.89 - Improper Certificate Validation

CVE-2018-15387 CRITICAL

Cisco SD-WAN Solution - Auth Bypass

CVE-2018-0434 HIGH

Cisco SD-WAN < 18.3.0 - Unauthenticated Sensitive Data Exposure via ZTP

CVE-2018-12087 MEDIUM

OPC Foundation UA Client - Info Disclosure

CVE-2018-1509 LOW

IBM Security Guardium EcoSystem 10.5 - Improper Certificate Validation

Previous Page 41 of 56 Next

Details

Vulnerabilities 1,400

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy