Weaknesses of type CWE-295
685 results

CVE-2023-3615 | HIGH | Lack of server certificate validation in websockets connection | EPSS 0.3%
CVE-2025-28169 | HIGH | BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to send broadcasts to the manufacturer's cloud s | EPSS 0.3%
CVE-2025-9708 | MEDIUM | Kubernetes C# Client: improper certificate validation in custom CA mode may lead to man-in-the-middle attacks | EPSS 0.3%
CVE-2023-33757 | MEDIUM | A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and before, and iPCS (Android App) v1.8.5 and | EPSS 0.3%
CVE-2023-40104 | HIGH | In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted cryptographic certificates. This could lead to remot | EPSS 0.3%
CVE-2024-6001 | HIGH | An improper certificate validation vulnerability was reported in LADM that could allow a network attacker with the ability to redirect an up | EPSS 0.3%
CVE-2024-50394 | HIGH | Helpdesk | EPSS 0.3%
CVE-2023-24461 | HIGH | BIG-IP Edge Client for Windows and macOS vulnerability | EPSS 0.3%
CVE-2022-32509 | HIGH | An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to in | EPSS 0.3%
CVE-2024-20080 | CRITICAL | In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of | EPSS 0.3%
CVE-2026-27134 | HIGH | Strimzi: All CAs from a custom CA chain consisting of multiple CAs are trusted for mTLS user authentication | EPSS 0.3%
CVE-2024-29887 | HIGH | Serverpod client accepts any certificate | EPSS 0.3%
CVE-2021-3636 | — | It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional | EPSS 0.3%
CVE-2024-25053 | MEDIUM | IBM Cognos Analytics improper certificate validation | EPSS 0.3%
CVE-2025-70029 | HIGH | An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certifica | EPSS 0.3%
CVE-2022-4895 | HIGH | Man-in-the-middle attack Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer | EPSS 0.3%
CVE-2023-21265 | HIGH | In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no ad | EPSS 0.3%
CVE-2023-33295 | MEDIUM | Cohesity DataProtect prior to 6.8.1_u5 or 7.1 was discovered to have an incorrect access control vulnerability due to a lack of TLS Certifica | EPSS 0.3%
CVE-2026-9697 | HIGH | undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent | EPSS 0.3%
CVE-2022-39948 | MEDIUM | An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all ve | EPSS 0.3%