Falhas do tipo CWE-295
685 resultadosCVE-2026-42011HIGHGnutls: gnutls: security bypass due to incorrect name constraint handlingEPSS 0.4%CVE-2016-6562—ShoreTel Mobility Client for iOS and Android, version 9.1.3.109 and earlier, fails to properly validate SSL certificates provided by HTTPS connectionsEPSS 0.4%CVE-2023-25392MEDIUMAllegro Tech BigFlow <1.6 is vulnerable to Missing SSL Certificate Validation.EPSS 0.4%CVE-2021-20328MEDIUMMongoDB Java driver client-side field level encryption not verifying KMS host nameEPSS 0.4%CVE-2024-5261CRITICALTLS certificate are not properly verified when utilizing LibreOfficeKitEPSS 0.4%CVE-2021-3898MEDIUMVersions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08 do not properly verify the server certificaEPSS 0.4%CVE-2023-1664MEDIUMA flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverseEPSS 0.4%CVE-2017-3190—Flash Seats Mobile App for Android version 1.7.9 and earlier and for iOS version 1.9.51 and earlier fails to properly validate SSL certificaEPSS 0.4%CVE-2020-36659HIGHIn Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backEPSS 0.4%CVE-2026-2590CRITICALImproper
enforcement of the Disable password saving in vaults setting in the
connection entry component in Devolutions Remote Desktop ManaEPSS 0.4%CVE-2023-49247—Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiaEPSS 0.4%CVE-2023-41180—Apache NiFi MiNiFi C++: Incorrect Certificate Validation in InvokeHTTP for MiNiFi C++EPSS 0.4%CVE-2024-28161MEDIUMIn Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control TowEPSS 0.4%CVE-2021-1354MEDIUMCisco Unified Computing System Central Software Improper Certificate Validation VulnerabilityEPSS 0.4%CVE-2022-43705CRITICALIn Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1EPSS 0.4%CVE-2021-22511—Improper Certificate Validation vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affectsEPSS 0.4%CVE-2021-1276HIGHCisco Data Center Network Manager Certificate Validation VulnerabilitiesEPSS 0.4%CVE-2021-1277HIGHCisco Data Center Network Manager Certificate Validation VulnerabilitiesEPSS 0.4%CVE-2025-6032HIGHPodman: podman missing tls verificationEPSS 0.4%CVE-2024-43201HIGHPlanet Fitness Workouts mobile apps do not properly validate TLS certificatesEPSS 0.4%