Weaknesses of type CWE-295
685 resultsCVE-2024-48915HIGHAgent Dart missing certificate verification checksEPSS 0.4%CVE-2024-10445MEDIUMImproper certificate validation vulnerability in the update functionality in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskEPSS 0.4%CVE-2025-10548MEDIUMMissing Certificate Validation in CleverControl Installer Allows Remote Code ExecutionEPSS 0.4%CVE-2022-45458MEDIUMSensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis AgeEPSS 0.4%CVE-2022-45457MEDIUMSensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis AgeEPSS 0.4%CVE-2022-34394LOWDell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker EPSS 0.3%CVE-2023-51662MEDIUMSnowflake Connector .NET does not properly check the Certificate Revocation List (CRL)EPSS 0.3%CVE-2025-32878CRITICALAn issue was discovered on COROS PACE 3 devices through 3.0808.0. It implements a function to connect the watch to a WLAN. This function is EPSS 0.3%CVE-2024-48460MEDIUMAn issue in Eugeny Tabby 1.0.213 allows a remote attacker to obtain sensitive information via the server and sends the SSH username and passEPSS 0.3%CVE-2017-3182—On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attackEPSS 0.3%CVE-2025-30024MEDIUMThe communication protocol used between client
and server had a flaw that could be leveraged to execute a man in the middle attack.EPSS 0.3%CVE-2017-3218—Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP EPSS 0.3%CVE-2023-28807MEDIUMBypass of ZIA domain fronting detection module through evasion techniqueEPSS 0.3%CVE-2022-1632—An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the defEPSS 0.3%CVE-2023-50949MEDIUMIBM QRadar improper certificate validationEPSS 0.3%CVE-2022-42131MEDIUMCertain Liferay products are affected by: Missing SSL Certificate Validation in the Dynamic Data Mapping module's REST data providers. This EPSS 0.3%CVE-2024-4063LOWEZVIZ CS-C6-21WFR-8 Davinci Application certificate validationEPSS 0.3%CVE-2020-12144MEDIUMThe certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validatedEPSS 0.3%CVE-2020-12143MEDIUMThe certificate used to identify Orchestrator to EdgeConnect devices is not validatedEPSS 0.3%CVE-2024-28162MEDIUMIn Jenkins Delphix Plugin 3.0.1 through 3.1.0 (both inclusive) a global option for administrators to enable or disable SSL/TLS certificate vEPSS 0.3%