Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,401 vulnerabilities with CWE-295

CVE-2017-1200 LOW

IBM BigFix Compliance 1.7-1.9.91 - Improper Certificate Validation

CVE-2017-1265 LOW

IBM Security Guardium 10.0-10.5 - Improper Certificate Validation

CVE-2017-1622 LOW

IBM QRadar SIEM <7.2.8-7.3 - SSL/TLS Weakness

CVE-2017-7513 MEDIUM

Satellite 5 - SSL/TLS Certificate Spoofing

CVE-2017-13105 MEDIUM

Hi Security Virus Cleaner 3.7.1.1329 - Improper Certificate Validation

CVE-2017-2649 HIGH

Jenkins Active Directory Plugin <= 2.2 - Improper Certificate Validation

CVE-2017-2648 MEDIUM

Jenkins SSH Slaves Plugin < 1.15 - Man-in-the-Middle via Missing Host Key Verification

CVE-2017-2629 MEDIUM

curl < 7.53.0 - Improper TLS Certificate Validation via Status Request Extension

CVE-2017-2623 MEDIUM

rpm-ostree < 2017.3 - Improper Certificate Validation

CVE-2017-12195 MEDIUM

Openshift Container Platform - Authentication Bypass via Elasticsearch Plugin

CVE-2017-2639 MEDIUM

Red Hat CloudForms - Improper Certificate Validation for RHEV and OpenShift Connections

CVE-2017-7562 MEDIUM

Red Hat Enterprise Linux - Authentication Bypass via Improper Certificate Validation

CVE-2017-3182 MEDIUM

ThreatMetrix SDK < 3.2 - Improper Certificate Validation

CVE-2017-7468 MEDIUM

libcurl 7.52.0-7.53.1 - TLS Session Resumption with Changed Client Certificate

CVE-2017-14710 MEDIUM

SHEIN - Fashion Shopping <iOS - Info Disclosure

CVE-2017-14709 HIGH

Komoot - Cycling & Hiking Maps <9.3.2 - XSS

CVE-2017-14612 MEDIUM

Shpock Boot Sale & Classifieds <3.17.0 - XSS

CVE-2017-2836 MEDIUM

FreeRDP - Denial of Service via Crafted Challenge Packet

CVE-2017-6143 MEDIUM

F5 BIG-IP 11.5.0-11.5.5, 11.6.0-11.6.2, 12.0.0-12.1.2 - Improper Certificate Validation in IP Intelligence Subscription

CVE-2017-13863 MEDIUM

iPhone OS < 11.0 - Man-in-the-Middle User Tracking via APNs Client Certificate Transmission

CVE-2017-2667 HIGH

Hammer CLI < 0.10.0 - Improper Certificate Validation

CVE-2017-18227 HIGH

TitanHQ WebTitan Gateway - Improper Certificate Validation in TLS Interception

CVE-2017-7429 HIGH

NetIQ eDirectory PKI plugin <8.8.8.10 - Code Injection

CVE-2017-17455 MEDIUM

Mahara 16.10.0-16.10.6, 17.04.0-17.04.4, 17.10.0-17.10.1 - Improper Certificate Validation

CVE-2017-17301 CRITICAL

Huawei - Path Traversal

Previous Page 45 of 57 Next

Details

Vulnerabilities 1,401

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy