Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-295

CWE-295

Improper Certificate Validation

Parent: CWE-287 - Improper Authentication

The product does not validate, or incorrectly validates, a certificate.

1,395 vulnerabilities with CWE-295

CVE-2025-59353 HIGH

Dragonfly < 2.1.0 - Improper Certificate Validation via mTLS Authentication Bypass

CVE-2025-59347 MEDIUM

Dragonfly < 2.1.0 - Improper Certificate Validation in HTTP Clients

CVE-2025-35434 MEDIUM

CISA Thorium < 1.1.2 - Unauthenticated TLS Certificate Validation Bypass in Elasticsearch Connection

CVE-2025-9708 MEDIUM

Kubernetes C# client - Man-in-the-Middle

CVE-2025-55109 CRITICAL

Control-M/Agent <9.0.20 - Auth Bypass

CVE-2025-50944 HIGH

AVTECH EagleEyes 2.0.0 - Info Disclosure

CVE-2025-58781 MEDIUM

WTW-EAGLE App for iOS < 4.4.1 and Android < 4.4.0.10 - Improper Certificate Validation

CVE-2025-9785 HIGH

PaperCut Print Deploy - Info Disclosure

CVE-2025-33099 MEDIUM

IBM Concert Software <1.1.0 - Man In The Middle

CVE-2025-30278 HIGH

Qsync Central <4.5.0.7 - Info Disclosure

CVE-2025-30277 HIGH

Qsync Central <4.5.0.7 - Info Disclosure

CVE-2025-58127 MEDIUM

Checkmk Exchange Dell Powerscale Plugin - Improper Certificate Validation

CVE-2025-58126 MEDIUM

Checkmk Exchange VMware vSAN Plugin - Improper Certificate Validation

CVE-2025-58125 MEDIUM

pawelko freebox_v6_agent - Improper Certificate Validation

CVE-2025-58124 MEDIUM

check_mk_python_api - Improper Certificate Validation

CVE-2025-58123 MEDIUM

Checkmk Exchange BGP Monitoring - Improper Certificate Validation

CVE-2025-7390 CRITICAL

OPC UA C++ SDK 6.40-6.79 and >=6.80.1 - Improper Certificate Validation

CVE-2025-33142 MEDIUM

IBM WebSphere App Server <9.0 - Info Disclosure

CVE-2025-0309 MEDIUM

Netskope Client - Privilege Escalation

CVE-2025-2183 MEDIUM

Palo Alto GlobalProtect - Auth Bypass

CVE-2025-54809 HIGH

F5 Access for Android 3.1.0-3.1.1 - Improper Certificate Validation

CVE-2025-8393 HIGH

Dreamehome iOS app < 2.3.4 and Android app < 2.1.8.8 - Improper Certificate Validation

CVE-2025-20215 MEDIUM

Cisco Webex Meetings - Privilege Escalation

CVE-2025-48393 MEDIUM

Eaton G4 PDU < 3.5.0 - Man-in-the-Middle via Insecure Firmware Upgrade Certificate Validation

CVE-2025-2028 MEDIUM

Check Point Log Server - Improper Certificate Validation

Previous Page 9 of 56 Next

Details

Vulnerabilities 1,395

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy