Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,395 vulnerabilities with CWE-295

CVE-2025-44018 HIGH

GL-Inet GL-AXT1800 4.7.0 - Firmware Downgrade

CVE-2025-65083 LOW

GoSign Desktop <2.4.1 - Info Disclosure

CVE-2025-60022 MEDIUM

デジラアプリ iOS < 80.10.00 - Man-in-the-Middle Information Disclosure

CVE-2025-30669 MEDIUM

Zoom Meeting Software Development Kit < 6.5.10 - Improper Certificate Validation

CVE-2025-12765 HIGH

pgAdmin <= 9.9 - Improper Certificate Validation in LDAP Authentication

CVE-2025-12047 MEDIUM

Lenovo Scanner pro - Info Disclosure

CVE-2025-10495 HIGH

Lenovo App Store, PC Manager, Browser, and Legion Zone - Remote Code Execution via Improper Certificate Validation

CVE-2025-40744 HIGH

Solid Edge SE2025 <V225.0 Update 11 - Man in the Middle

CVE-2025-12943 HIGH

NETGEAR RAX30/RAXE300 - Command Injection

CVE-2025-64685 HIGH

JetBrains YouTrack < 2025.3.104432 - Improper TLS Certificate Validation

CVE-2025-64432 MEDIUM

KubeVirt < 1.5.3 and 1.6.0 - Improper Certificate Validation in mTLS Authentication

CVE-2025-56231 CRITICAL

Tonec Internet Download Manager < 6.42.41.1 - Missing SSL Certificate Validation

CVE-2025-54470 HIGH

NeuVector 5.3.0-5.3.4, 5.4.0-5.4.6 - Certificate Validation Bypass and DoS via Telemetry

CVE-2025-58188 HIGH

GO < 1.24.8 - Improper Certificate Validation

CVE-2025-62375 MEDIUM

go-witness < 0.9.1 - Improper Certificate Validation in AWS Attestor

CVE-2025-11619 HIGH

Devolutions Server < 2025.2.15.0 - Improper Certificate Validation

CVE-2025-62371 HIGH

OpenSearch Data Prepper < 2.12.2 - Improper Certificate Validation in OpenSearch Sink and Source Plugins

CVE-2025-6026 LOW

Lenovo Universal Device Client < 25.7.0.21 - Improper Certificate Validation

CVE-2025-10699 MEDIUM

Lenovo LeCloud Client < 2.501.25.0 - Information Disclosure via Improper Certificate Validation

CVE-2025-11695 HIGH

MongoDB Rust Driver < 3.2.5 - Improper Certificate Validation

CVE-2025-11633 LOW

Furbo 360 Dog Camera <036 & Furbo Mini <074 - Improper Certificate Validation

CVE-2025-61778 CRITICAL

Akka.Remote 1.2.0-1.5.51 - Authentication Bypass via Missing Mutual TLS Enforcement

CVE-2025-34235 HIGH

Vasion Print Virtual Appliance < 25.1.102 & Application < 25.1.1413 - Remote Code Execution via Weak SSL/TLS Validation

CVE-2025-10548 MEDIUM

CleverControl employee monitoring software 11.5.1041.6 - Remote Code Execution via TLS Certificate Validation Bypass

CVE-2025-34199 HIGH

Vasion Print Virtual Appliance <20.0.2786 & Host <22.0.1049 TLS/SSL Certificate Validation Flaw

Previous Page 8 of 56 Next

Details

Vulnerabilities 1,395

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy