Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,401 vulnerabilities with CWE-295

CVE-2017-14582 MEDIUM

Zoho Site24x7 Mobile Network Poller <1.1.5 - Info Disclosure

CVE-2017-12228 MEDIUM

Cisco Network Plug and Play - Info Disclosure

CVE-2017-7971 MEDIUM

Schneider Electric PowerSCADA Anywhere 1.0 and Citect Anywhere 1.0 - Improper Certificate Validation

CVE-2017-2299 HIGH

Puppetlabs-apache <1.11.1-2.1.0 - Info Disclosure

CVE-2017-14420 MEDIUM

D-Link DIR-850L Firmware <= FW114WWb07_h2ab_beta1 - Improper Certificate Validation

CVE-2017-14419 MEDIUM

D-Link DIR-850L Firmware - Improper Certificate Validation in mydlink Cloud Services

CVE-2017-6594 HIGH

Heimdal < 7.3 - Improper Certificate Validation via Transit Path Bypass

CVE-2017-8445 MEDIUM

Elastic X-Pack Security 5.0.0-5.5.1 - Improper Certificate Validation in TLS Trust Manager

CVE-2017-11506 HIGH

Nessus < 6.11 - Improper Certificate Validation

CVE-2017-7932 MEDIUM

NXP i.MX and Vybrid Firmware - Improper Certificate Validation

CVE-2017-6664 HIGH

Cisco IOS XE 16.x - Unauthenticated Autonomic Networking Access via Revoked Certificate

CVE-2017-10819 MEDIUM

MaLion for Mac 4.3.0-5.2.1 - Improper Certificate Validation

CVE-2017-2278 MEDIUM

RBB SPEED TEST App for Android <= 2.0.3 and iOS <= 2.1.0 - Improper Certificate Validation

CVE-2017-11364 HIGH

Joomla! - Authenticated Application Takeover via Certificate Transparency Log Abuse

CVE-2017-11132 HIGH

StashCat < 1.5.17 - Improper Certificate Validation

CVE-2017-11501 MEDIUM

NixOS < 17.03 - Improper Certificate Validation in LDAP PAM Module

CVE-2017-1000007 MEDIUM

txaws < 0.4.0 - Exposure of Sensitive Information via Incomplete Certificate Verification

CVE-2017-7726 HIGH

iSmartAlarm cube devices - SSL Certificate Validation Vuln

CVE-2017-7406 CRITICAL

D-Link DIR-615 <20.12PTb04 - Info Disclosure

CVE-2017-3218 HIGH

Samsung Magician < 5.1 - Improper Certificate Validation

CVE-2017-9601 MEDIUM

FNB Kemp Mobile Banking <3.0.2 - XSS

CVE-2017-9600 MEDIUM

Peoples Bank Tulsa - OK app 3.0.2 - XSS

CVE-2017-9599 MEDIUM

FOUNTAIN TRUST COMPANY app <3.2.0 - Info Disclosure

CVE-2017-9598 MEDIUM

Morton Credit Union Mobile Banking 3.0.1 - XSS

CVE-2017-9597 MEDIUM

Blue Ridge Bank and Trust Co. Mobile Banking 3.0.1 - XSS

Previous Page 47 of 57 Next

Details

Vulnerabilities 1,401

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy