CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,401 vulnerabilities with CWE-295
CVE-2018-9127 CRITICAL
Botan 2.2.0-2.4.0 - Improper Certificate Validation
CVSS 9.8
CVE-2018-5466 HIGH
Philips IntelliSpace Portal - Info Disclosure
CVSS 7.5
CVE-2018-5464 HIGH
Philips IntelliSpace Portal - Info Disclosure
CVSS 7.5
CVE-2018-5462 HIGH
Philips IntelliSpace Portal - Info Disclosure
CVSS 7.5
CVE-2018-8970 HIGH
LibreSSL 2.7.0 - Improper Certificate Validation via Zero-Length Hostname
CVSS 7.4
CVE-2018-5502 HIGH
F5 BIG-IP 13.0.0-13.1.0.3 - Denial of Service via Malicious Client Certificate
CVSS 7.5
CVE-2018-6221 HIGH
Trend Micro Email Encryption Gateway 5.5 - Unvalidated Software Update
CVSS 8.1
CVE-2018-6219 MEDIUM
Trend Micro Email Encryption Gateway 5.5 - Insecure Update via HTTP
CVSS 6.5
CVE-2018-1000096 HIGH
tiny-json-http 1.0.0-6.9.9 - Improper Certificate Validation
CVSS 8.1
CVE-2018-8059 HIGH
SUSE Portus 2.3 - Missing SSL Certificate Validation
CVSS 8.8
CVE-2018-7234 HIGH
Schneider Electric Pelco Sarix Professional < 3.29.67 - Arbitrary File Download via Improper Certificate Validation
CVSS 7.5
CVE-2018-0518 MEDIUM
LINE for iOS 7.1.3-7.1.5 - Improper Certificate Validation
CVSS 5.9
CVE-2018-6827 HIGH
VOBOT CLOCK < 0.99.30 - Improper Certificate Validation via Wget
CVSS 8.1
CVE-2018-6374 MEDIUM
Pulse Secure Desktop Linux Client < 5.2r9.2 and 5.3.x < 5.3r4.2 - Improper Certificate Validation in PulseUI
CVSS 6.5
CVE-2018-5761 HIGH
Rubrik CDM <4.0.4-p2 - Info Disclosure
CVSS 8.1
CVE-2018-5258 MEDIUM
Neon app <1.6.14 iOS - Info Disclosure
CVSS 5.9
CVE-2018-0786 HIGH
.NET Framework 2.0 SP2-4.7.1, .NET Core 1.0-2.0, PowerShell Core 6.0.0 Security Feature Bypass
CVSS 7.5
CVE-2017-18918 MEDIUM
Mattermost Server <3.7.3, <3.6.5 - Path Traversal
CVSS 4.9
CVE-2017-18911 CRITICAL
Mattermost Server <3.8.2-3.6.7 - Info Disclosure
CVSS 9.1
CVE-2017-18909 HIGH
Mattermost Server <3.9.0 - Info Disclosure
CVSS 7.5
CVE-2017-14806 LOW
SUSE Studio onsite <1.3.17-56.6.3 - MITM
CVSS 3.7
CVE-2017-18588 MEDIUM
security-framework <0.1.12 - SSL/TLS Info Disclosure
CVSS 5.3
CVE-2017-18479 MEDIUM
cPanel 11.54.0.0-11.54.0.35 - Improper Certificate Validation in WHM SSL Certificate Generation
CVSS 6.5
CVE-2017-17945 CRITICAL
ASUS HiVivo < 5.6.27 - Missing SSL Certificate Validation
CVSS 9.1
CVE-2017-17944 CRITICAL
ASUS Vivobaby < 1.1.09 - Improper Certificate Validation
CVSS 9.1
Details
Vulnerabilities 1,401
Links
MITRE CWE Entry Search this CWE With Exploits