Fallos del tipo CWE-295
685 resultadosCVE-2023-22367MEDIUMIchiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, whichEPSS 0.5%CVE-2025-34199CRITICALVasion Print (formerly PrinterLogic) Insecure SSL Verification Allows Man-in-the-Middle AttacksEPSS 0.5%CVE-2014-8164—A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red EPSS 0.5%CVE-2026-7821HIGHImproper certificate validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to EPSS 0.5%CVE-2022-21657MEDIUMX.509 Extended Key Usage and Trust Purposes bypass in EnvoyEPSS 0.5%CVE-2024-25140CRITICALA default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with EnhanEPSS 0.5%CVE-2022-45100HIGH
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. An remote unauthenticated attacker EPSS 0.5%CVE-2023-23546MEDIUMA misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middlEPSS 0.5%CVE-2024-1351HIGHMongoDB Server may allow successful untrusted connectionEPSS 0.5%CVE-2026-30840HIGHWallos: Server-Side Request Forgery (SSRF) in Notification TestersEPSS 0.5%CVE-2025-0500HIGHIssue affecting Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV clientsEPSS 0.5%CVE-2021-29495MEDIUMNim stdlib httpClient does not validate peer certificates by defaultEPSS 0.5%CVE-2020-29504HIGH
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Missing RequEPSS 0.5%CVE-2022-46153HIGHRoutes exposed with an empty TLSOption in traefikEPSS 0.5%CVE-2021-31892—A vulnerability has been identified in SINUMERIK Analyse MyCondition (All versions), SINUMERIK Analyze MyPerformance (All versions), SINUMEREPSS 0.5%CVE-2022-2996—A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. EPSS 0.5%CVE-2017-7513MEDIUMIt was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host EPSS 0.5%CVE-2007-5967—A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates on devices without user approval.EPSS 0.5%CVE-2021-42027—A vulnerability has been identified in SINUMERIK Edge (All versions < V3.2). The affected software does not properly validate the server cerEPSS 0.5%CVE-2022-45197HIGHSlixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of SlixmEPSS 0.5%