Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,401 vulnerabilities with CWE-295

CVE-2018-1543 MEDIUM

IBM WebSphere MQ 8.0 and 9.0 - Improper Certificate Validation

CVE-2018-1000605 HIGH

Jenkins CollabNet Plugin <2.0.4 - SSRF

CVE-2018-1000520 HIGH

ARM mbedTLS < 2.7.0 - Improper Certificate Validation via TLS-ECDH-RSA Ciphersuite

CVE-2018-1000500 HIGH

busybox < 1.32.0 - Missing SSL Certificate Validation in wget Applet

CVE-2018-0611 HIGH

ANA App for iOS < 4.0.22 - Improper Certificate Validation

CVE-2018-1153 HIGH

Burp Suite CE <1.7.34 - Info Disclosure

CVE-2018-10377 MEDIUM

PortSwigger Burp Suite <1.7.34 - Info Disclosure

CVE-2018-10408 HIGH

VirusTotal - Improper Certificate Validation via Universal/Fat Binary Inspection

CVE-2018-10406 HIGH

Yelp OSXCollector < 1.10 - Improper Certificate Validation via Universal Binary Inspection

CVE-2018-10405 HIGH

Google Santa and molcodesignchecker - Code Injection

CVE-2018-10404 HIGH

Objective-See Tools - Code Injection

CVE-2018-10403 HIGH

F-Secure XFENCE & Little Flocker - Code Injection

CVE-2018-12257 MEDIUM

Momentum Axel 720P <5.1.8 - Auth Bypass

CVE-2018-0334 MEDIUM

Cisco AnyConnect Secure Mobility Client - Improper Certificate Validation via Simple Certificate Enrollment Protocol

CVE-2018-11712 HIGH

WebKitGTK+ 2.20.0-2.20.1 - Improper Certificate Validation for WebSocket Connections

CVE-2018-4991 CRITICAL

Adobe Creative Cloud < 4.4.1.298 - Improper Certificate Validation

CVE-2018-0277 HIGH

Cisco Identity Services Engine - Denial of Service via EAP-TLS Certificate Validation

CVE-2018-0591 MEDIUM

KINEPASS < 3.1.1 (Android) and < 3.1.2 (iOS) - Improper Certificate Validation

CVE-2018-8119 MEDIUM

Microsoft C/C#/Java Software Development Kit - Spoofing via Improper AMQP Certificate Validation

CVE-2018-4849 HIGH

Siveillance VMS Video < 12.1a - Improper Certificate Validation

CVE-2018-0227 HIGH

Cisco ASA 9.4.4-9.4.4.12 & FTD 6.0-6.0.1.3 SSL VPN Certificate Bypass

CVE-2018-10066 HIGH

MikroTik RouterOS 6.41.4 - Open Redirect

CVE-2018-0553 HIGH

iRemoconWiFi < 4.1.7 - Improper Certificate Validation

CVE-2018-1000151 MEDIUM

Jenkins vSphere Plugin <2.16 - Info Disclosure

CVE-2018-4086 MEDIUM

Apple tvOS < 11.2.5 - Certificate Validation Spoofing via Name Constraints

Previous Page 43 of 57 Next

Details

Vulnerabilities 1,401

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy