Fallos del tipo CWE-297
52 resultadosCVE-2018-10936HIGHA weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a hoEPSS 2.9%CVE-2024-2466MEDIUMTLS certificate check bypass with mbedTLSEPSS 1.3%CVE-2020-1887—Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffiEPSS 1.3%CVE-2020-14387—A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unEPSS 1.1%CVE-2020-15260MEDIUMExisting TLS connections can be reused without checking remote hostnameEPSS 1.0%CVE-2020-1758MEDIUMA flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using tEPSS 0.9%CVE-2022-32153HIGHSplunk Enterprise lacked TLS host name validationEPSS 0.8%CVE-2020-11050CRITICALImproper Validation of Certificate with Host Mismatch in Java-WebSocketEPSS 0.8%CVE-2024-34447HIGHAn issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 (ships with BC Java 1.78, BC Java (LTS) 2.73.EPSS 0.8%CVE-2025-68161MEDIUMApache Log4j Core: Missing TLS hostname verification in Socket appenderEPSS 0.7%CVE-2021-21385HIGHDisabled hostname verification and accepting self-signed certificatesEPSS 0.7%CVE-2025-46408CRITICALAn issue was discovered in the methods push.lite.avtech.com.AvtechLib.GetHttpsResponse and push.lite.avtech.com.Push_HttpService.getNewHttpCEPSS 0.6%CVE-2021-33695MEDIUMPotentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted without sufficient validation of the certificate.EPSS 0.5%CVE-2022-22305MEDIUMAn improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, EPSS 0.5%CVE-2025-15079MEDIUMlibssh global known_hosts overrideEPSS 0.5%CVE-2024-32868MEDIUMZITADEL's Improper Lockout Mechanism Leads to MFA BypassEPSS 0.5%CVE-2023-5909HIGHImproper Validation of Certificate with Host Mismatch in PTC KEPServerExEPSS 0.4%CVE-2026-34477MEDIUMApache Log4j Core: verifyHostName attribute silently ignored in TLS configuration, allowing hostname verification bypassEPSS 0.4%CVE-2024-8285MEDIUMKroxylicious: missing upstream kafka tls hostname verificationEPSS 0.4%CVE-2025-3501HIGHOrg.keycloak.protocol.services: keycloak hostname verificationEPSS 0.4%