Weaknesses of type CWE-295
685 resultsCVE-2023-5422HIGHSSL Certificates are not checked for E-Mail HandlingEPSS 0.3%CVE-2023-33760MEDIUMSpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdroEPSS 0.3%CVE-2023-22642MEDIUMAn improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4.8EPSS 0.3%CVE-2025-0254MEDIUMHCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226.EPSS 0.3%CVE-2024-35299MEDIUMIn JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper certificate hostname validationEPSS 0.3%CVE-2022-40620HIGHFunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downEPSS 0.3%CVE-2024-39312MEDIUMBotan has an Authorization Error due to Name Constraint Decoding BugEPSS 0.3%CVE-2025-20670MEDIUMIn Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, ifEPSS 0.3%CVE-2023-31421MEDIUMBeats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issueEPSS 0.3%CVE-2025-34066HIGHAVTECH IP camera, DVR, and NVR Devices Unauthenticated Information DisclosureEPSS 0.3%CVE-2026-41016MEDIUMApache Airflow Providers SMTP: No certificate validation on SMTP STARTTLS connections in SMTP providerEPSS 0.3%CVE-2024-28021HIGHA vulnerability exists in the FOXMAN-UN/UNEM server that affects the message
queueing mechanism’s certificate validation. If exploited an aEPSS 0.3%CVE-2023-50315MEDIUMIBM WebSphere Application Server information disclosureEPSS 0.3%CVE-2026-9258HIGHImproper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlierEPSS 0.3%CVE-2024-55581HIGHWhen AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack beEPSS 0.3%CVE-2026-42769MEDIUMTrust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdateEPSS 0.3%CVE-2026-35560CRITICALImproper certificate validation in identity provider connection components in Amazon Athena ODBC driverEPSS 0.3%CVE-2024-47119MEDIUMIBM Storage Defender - Resiliency Service improper certificate validationEPSS 0.3%CVE-2017-7932—An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, VEPSS 0.3%CVE-2022-43892LOWIBM Security Verify Privilege information disclosureEPSS 0.3%