Weaknesses of type CWE-295
686 resultsCVE-2023-32994LOWJenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOraEPSS 0.2%CVE-2025-6433CRITICALWebAuthn would allow a user to sign a challenge on a webpage with an invalid TLS certificateEPSS 0.2%CVE-2022-22380MEDIUMIBM Security Verify Privilege improper authenticationEPSS 0.2%CVE-2025-65830CRITICALDue to a lack of certificate validation, all traffic from the mobile application can be intercepted. As a result, an adversary located "upstEPSS 0.2%CVE-2025-20157MEDIUMCisco Catalyst vManage Certificate Validation VulnerabilityEPSS 0.2%CVE-2025-69412LOWKDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API (aka phishing API), which miEPSS 0.2%CVE-2025-7390CRITICALBypass the client certificate trust check of an opc.https server while only secure communication is allowedEPSS 0.2%CVE-2026-42789HIGHNon-CA certificate accepted as intermediate issuer in public_key path validationEPSS 0.2%CVE-2025-5279HIGHIssue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider pluginEPSS 0.2%CVE-2023-6055HIGHImproper Certificate Validation in Bitdefender Total Security HTTPS Scanning (VA-11158)EPSS 0.2%CVE-2026-6860MEDIUMA TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard nameEPSS 0.2%CVE-2024-6472HIGHAbility to trust not validated macro signatures removed in high security modeEPSS 0.2%CVE-2024-23928MEDIUMPioneer DMH-WT7600NEX Telematics Improper Certificate ValidationEPSS 0.2%CVE-2024-10444HIGHImproper certificate validation vulnerability in the LDAP utilities in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-EPSS 0.2%CVE-2025-46788HIGHZoom Workplace for Linux - Improper Certificate ValidationEPSS 0.2%CVE-2025-11633MEDIUMTomofun Furbo 360/Furbo Mini HTTP Traffic collect_logs.sh upload_file_to_s3 certificate validationEPSS 0.2%CVE-2025-54809HIGHF5 Access for Android vulnerabilityEPSS 0.2%CVE-2026-25160CRITICALAlist has Insecure TLS ConfigEPSS 0.2%CVE-2024-31955MEDIUMAn issue was discovered in Samsung eMMC with KLMAG2GE4A and KLM8G1WEMB firmware. Code bypass through Electromagnetic Fault Injection allows EPSS 0.2%CVE-2025-10699MEDIUMA vulnerability was reported in the Lenovo LeCloud client application that, under certain conditions, could allow information disclosure.EPSS 0.2%