Weaknesses of type CWE-295
685 resultsCVE-2024-40714HIGHAn improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitiveEPSS 0.3%CVE-2022-27644MEDIUMThis vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEPSS 0.3%CVE-2022-40147—A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). The affected software does not properly validate EPSS 0.3%CVE-2024-52330CRITICALECOVACS lawnmowers and vacuums do not properly validate TLS certificatesEPSS 0.3%CVE-2024-27323HIGHPDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution VulnerabilityEPSS 0.3%CVE-2026-32293MEDIUMGL-iNet Comet (GL-RM1) KVM insufficient certificate validationEPSS 0.3%CVE-2025-55109CRITICALBMC Control-M/Agent default SSL/TLS configuration authenticated bypassEPSS 0.3%CVE-2020-25680—A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file's ID is 'unknowEPSS 0.3%CVE-2026-42012HIGHGnutls: gnutls: certificate validation bypass due to improper handling of uri and srv sansEPSS 0.3%CVE-2023-30517MEDIUMJenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when coEPSS 0.3%CVE-2025-66001HIGHNeuVector OpenID Connect is vulnerable to man-in-the-middle (MITM)EPSS 0.3%CVE-2024-43177MEDIUMIBM Concert improper certificate validationEPSS 0.3%CVE-2023-1514HIGHA vulnerability exists in the component RTU500 Scripting interface. When a client connects to a server using TLS, the server presents a certEPSS 0.3%CVE-2026-42791MEDIUMOCSP responder certificate validity period not checked in public_keyEPSS 0.3%CVE-2018-19946MEDIUMThe vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this improper certificate validation vulnerabilitEPSS 0.3%CVE-2025-24471MEDIUMAn Improper Certificate Validation vulnerability [CWE-295] in FortiOS version 7.6.1 and below, version 7.4.7 and below may allow an EAP veriEPSS 0.3%CVE-2025-36041MEDIUMIBM MQ improper certificate validationEPSS 0.3%CVE-2021-32755MEDIUMCertificate pinning is not enforced on the web socket connectionEPSS 0.3%CVE-2026-25644HIGHDataHub's LDAP Ingestion Source vulnerable to MITM attack through TLS downgradeEPSS 0.3%CVE-2024-20385MEDIUMCisco Nexus Dashboard Orchestrator SSL Certificate Validation VulnerabilityEPSS 0.3%