Weaknesses of type CWE-295
686 resultsCVE-2026-48249HIGHOpen ISES Tickets < 3.44.2 Disabled TLS Certificate Verification in rm/incs/mobile_login.inc.phpEPSS 0.2%CVE-2025-52598MEDIUMInsufficient certificate validationEPSS 0.2%CVE-2025-0309MEDIUMNetskope Client Local Elevation of PrivilegesEPSS 0.2%CVE-2026-40243LOWIncus OVN TLS verification accepts peer-supplied roots and permits endpoint impersonationEPSS 0.2%CVE-2024-5918MEDIUMPAN-OS: Improper Certificate Validation Enables Impersonation of a Legitimate GlobalProtect UserEPSS 0.2%CVE-2023-6043HIGHA privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and executeEPSS 0.2%CVE-2025-70058HIGHAn issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0. The application disables TLS/SSL certifEPSS 0.2%CVE-2025-70045HIGHAn issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certifEPSS 0.2%CVE-2026-48246HIGHOpen ISES Tickets < 3.44.2 Disabled TLS Certificate Verification in ajax/reports.phpEPSS 0.2%CVE-2026-45745HIGHTermix has improper certificate validation in Electron desktop client that enables MITM credential/token theftEPSS 0.2%CVE-2025-12047MEDIUMA vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances,EPSS 0.2%CVE-2025-36005MEDIUMIBM MQ Operator information disclosureEPSS 0.2%CVE-2024-30149MEDIUMHCL AppScan Source is affected by an expired TLS/SSL certificateEPSS 0.2%CVE-2021-21559HIGHDell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x 19.3.x, 19.4, and 19.4.0.1 contain an Improper Certificate Validation vulnerability in theEPSS 0.2%CVE-2025-20126MEDIUMCisco ThousandEyes Endpoint Agent Certificate Validation VulnerabilityEPSS 0.2%CVE-2024-9160MEDIUMSecurity Misconfiguration in Forge module PEADMEPSS 0.2%CVE-2026-48697HIGHFastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The execute_web_request_secure() EPSS 0.2%CVE-2026-0233LOWAutonomous Digital Experience Manager: Improper validation of ADEM certificateEPSS 0.2%CVE-2025-14022HIGHLINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financialEPSS 0.2%CVE-2026-42225HIGHGnuTLS backend silently skips certificate chain verification when verify_peer is falseEPSS 0.2%