Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,402 vulnerabilities with CWE-295

PostgreSQL <8.4.11, <9.0.7, <9.1.3 - Info Disclosure

CVE-2011-2669 MEDIUM

Firefox < 3.6 - Denial of Service via Certificate Validation Issue

CVE-2011-2207 MEDIUM

GnuPG < 2.1.0 - Denial of Service via Crafted Certificate

Google Chrome < 18.0.1025.142 - Improper Certificate Validation in SPDY Proxy

Google Chrome < 17.0.963.56 - Denial of Service via Empty X.509 Certificate

Google Chrome < 14.0.835.163 - Improper Certificate Validation

CVE-2011-0199 MEDIUM

Apple Mac OS X <10.6.8 - Info Disclosure

CVE-2010-4533 CRITICAL

Debian Linux < 6.3.4 - Improper Certificate Validation

CVE-2010-4532 MEDIUM

Debian Linux < 6.3.2 - Improper Certificate Validation

CVE-2010-4237 MEDIUM

Mercurial < 1.6.4 - Improper Certificate Validation

Cisco IOS <15.0(1)XA1 - Auth Bypass

CVE-2010-1378 CRITICAL

OpenSSL - Certificate Authentication Bypass

CVE-2009-4123 HIGH

jruby-openssl <0.6 - Info Disclosure

CVE-2009-3552 LOW

Red Hat Enterprise Virtualization Manager 2.2.0 - Improper Certificate Validation

Trillian 3.1 Basic - Improper Certificate Validation during MSN Authentication

CVE-2009-3555 CRITICAL

Apache HTTP Server < 2.2.14 - Plaintext Injection via TLS Renegotiation

OpenLDAP < 2.4.18 - Improper Certificate Validation via Null Byte in CN Field

CVE-2009-3046 HIGH

Opera < 10.00 - Improper Certificate Validation

GnuTLS < 2.6.4 - Improper Certificate Validation via MD2 Hash Collision

CVE-2009-2408 MEDIUM

Mozilla NSS <3.12.3 - Info Disclosure

CVE-2009-0265 HIGH

ISC BIND < 9.6.0 - Certificate Chain Validation Bypass via OpenSSL EVP_VerifyFinal

CVE-2008-4989 MEDIUM

GnuTLS < 2.6.1 - Improper Certificate Validation

CVE-2007-5967 MEDIUM

Firefox - Improper Certificate Validation

CVE-2006-7246 MEDIUM

NetworkManager 0.9.0-0.9.9.98 - Improper Certificate Validation

CVE-2005-3170 MEDIUM

Microsoft Windows 2000 <Update Rollup 1 for SP4 - Info Disclosure

Previous Page 56 of 57 Next

Details

Vulnerabilities 1,402

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy