Weaknesses of type CWE-295
687 resultsCVE-2024-45205HIGHAn Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point (not using UniFi Network Application) couldEPSS 0.1%CVE-2026-9758HIGHImproper Certificate Validation in S2OPCEPSS 0.1%CVE-2026-44309MEDIUMgitsign verify accepts signatures over go-git-normalized bytes, enabling trust confusion on malformed commitsEPSS 0.1%CVE-2026-55964MEDIUMChain intermediate CA:TRUE without keyCertSign accepted as a signing CA (temporary CA exemption)EPSS 0.1%CVE-2026-54323MEDIUMDaytona: Git credential leak via git clone with TLS verification disabledEPSS 0.1%CVE-2025-30000MEDIUMA vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The affected application does not properly restriEPSS 0.1%CVE-2026-0249MEDIUMGlobalProtect App: Certificate Validation Bypass VulnerabilitiesEPSS 0.1%CVE-2019-25652HIGHUniFi Network Controller Improper Certificate Validation Leading to Credential Theft via MITMEPSS 0.1%CVE-2024-0042MEDIUMIn TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used crypto. This could lead to local bypass of DEPSS 0.1%CVE-2025-40896MEDIUMLack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0EPSS 0.1%CVE-2025-44964LOWA lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive informaEPSS 0.1%CVE-2026-8367MEDIUMaria2c Improper Certificate ValidationEPSS 0.1%CVE-2025-8393HIGHDreame Technology iOS and Android Mobile Applications Improper Certificate ValidationEPSS 0.1%CVE-2025-65083LOWGoSign Desktop through 2.4.1 disables TLS certificate validation when configured to use a proxy server. This can be problematic if the GoSigEPSS 0.1%CVE-2026-57289MEDIUMJenkins Bitbucket Push and Pull Request Plugin 3.3.8 and earlier unconditionally disables SSL/TLS certificate and hostname validation for coEPSS 0.1%CVE-2025-2183MEDIUMGlobalProtect App: Improper Certificate Validation Leads to Privilege EscalationEPSS 0.1%CVE-2026-4740HIGHRhacm: open cluster management (ocm): cross-cluster privilege escalation via improper kubernetes client certificate renewal validationEPSS 0.1%CVE-2026-0244MEDIUMPrisma SD-WAN: Improper Certificate Validation VulnerabilityEPSS 0.1%CVE-2026-0248MEDIUMPrisma Access Agent: Improper Certificate Validation VulnerabilityEPSS 0.1%CVE-2025-9785HIGHMisconfigured certificate validation with self-signed certificates for Print DeployEPSS 0.1%