Weaknesses of type CWE-295
685 resultsCVE-2023-50314MEDIUMIBM WebSphere Application Server Libery information disclosureEPSS 0.3%CVE-2022-48186MEDIUMA certificate validation vulnerability exists in the Baiying Android application which could lead to information disclosure.EPSS 0.3%CVE-2025-67229CRITICALAn improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path aEPSS 0.3%CVE-2026-44700HIGHElixir WebRTC: Missing DTLS peer fingerprint validation in ex_webrtc client-role handshakeEPSS 0.3%CVE-2026-1531HIGHForeman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verificationEPSS 0.3%CVE-2026-1530HIGHFog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validationEPSS 0.3%CVE-2026-53475CRITICALAssisted-migration-agent: tls verification disabled on all vcenter connectionsEPSS 0.3%CVE-2024-28067MEDIUMA vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to downgrade the security mode of packets going to tEPSS 0.3%CVE-2025-33142MEDIUMIBM WebSphere Application Server information disclosureEPSS 0.3%CVE-2026-32992HIGHSSL verification is disabled in the DNS Cluster system. This could allow for a malicious server to man-in-the-middle the request and captureEPSS 0.3%CVE-2025-32407MEDIUMSamsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allEPSS 0.3%CVE-2024-40702HIGHIBM Cognos Controller improper certificate validationEPSS 0.3%CVE-2023-32464LOW
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potEPSS 0.2%CVE-2025-50944HIGHAn issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew.checkServerTrusted in AVTECH EagleEyes 2.0.0. The custom X5EPSS 0.2%CVE-2023-47742MEDIUMIBM QRadar Suite information dislosureEPSS 0.2%CVE-2024-53846MEDIUMssl fails to validate incorrect extened key usageEPSS 0.2%CVE-2023-31151MEDIUMImproper Certificate ValidationEPSS 0.2%CVE-2025-54607HIGHAuthentication management vulnerability in the ArkWeb module.
Impact: Successful exploitation of this vulnerability may affect service confiEPSS 0.2%CVE-2025-6433CRITICALWebAuthn would allow a user to sign a challenge on a webpage with an invalid TLS certificateEPSS 0.2%CVE-2026-1778HIGHTLS disabled by default in select aws/sagemaker-python-sdk configurationsEPSS 0.2%