CWE-295— Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.— MITRE CWE catalog
1,227 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-295page 19 of 25
- CVE-2024-47258HIGHCVSS 8.1EG 8.12025-02-06
2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices. 2N has currently released an updated version 3.3 of 2N Access Commander, wi…
- CVE-2024-47477MEDIUMCVSS 6.5EG 6.52026-06-17
Dell PowerFlex Manager, versions prior to 4.5.1.1, contain an improper certificate validation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability leading to man-in-the-middle attack in tandem with …
- CVE-2024-47619HIGHCVSS 7.5EG 7.52025-05-07
syslog-ng is an enhanced log daemo. Prior to version 4.8.2, `tls_wildcard_match()` matches on certificates such as `foo.*.bar` although that is not allowed. It is also possible to pass partial wildcards such as `foo.a*c.bar` which glib mat…
- CVE-2024-4762HIGHCVSS 7.8EG 7.82024-12-16
An improper validation vulnerability was reported in the firmware update mechanism of LADM and LDCC that could allow a local attacker to escalate privileges.
- CVE-2024-4786LOWCVSS 2.8EG 2.82024-07-26
An improper validation vulnerability was reported in the Lenovo Tab K10 that could allow a specially crafted application to keep the device on.
- CVE-2024-48460MEDIUMCVSS 4.3EG 4.32025-01-16
An issue in Eugeny Tabby 1.0.213 allows a remote attacker to obtain sensitive information via the server and sends the SSH username and password even when the host key verification fails.
- CVE-2024-48865HIGHCVSS 7.5EG 7.52024-12-06
An improper certificate validation vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow attackers with local network access to compromise the security of the system. …
- CVE-2024-48915HIGHCVSS 8.7EG 8.72024-10-15
Agent Dart is an agent library built for Internet Computer for Dart and Flutter apps. Prior to version 1.0.0-dev.29, certificate verification in `lib/agent/certificate.dart` does not occur properly. During the delegation verification in th…
- CVE-2024-49369CRITICALCVSS 9.8EG 9.82024-11-12
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flaw…
- CVE-2024-49782MEDIUMCVSS 6.8EG 6.82025-02-20
IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server identity when using SSL/TLS security. An attacker could exploit this vulnerability to gain access to sensitive information disclosed through emai…
- CVE-2024-50394HIGHCVSS 8.8EG 8.82025-03-07
An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the f…
- CVE-2024-50691HIGHCVSS 7.4EG 7.42025-02-26
SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate Validation. The app explicitly ignores certificate errors and is vulnerable to MiTM attacks. Attackers can impersonate the iSolarCloud server an…
- CVE-2024-51774HIGHCVSS 8.1EG 8.12024-11-02
qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors.
- CVE-2024-52329HIGHCVSS 7.4EG 7.42025-01-23
ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authentication tokens.
- CVE-2024-52330HIGHCVSS 7.4EG 7.42025-01-23
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates.
- CVE-2024-52510MEDIUMCVSS 4.2EG 4.22024-11-15
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty ini…
- CVE-2024-5261CRITICALCVSS 9.8EG 9.82024-06-25
Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third …
- CVE-2024-53846MEDIUMCVSS 5.5EG 5.52024-12-05
OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl appli…
- CVE-2024-54147MEDIUMCVSS 6.8EG 6.82024-12-09
Altair is a GraphQL client for all platforms. Prior to version 8.0.5, Altair GraphQL Client's desktop app does not validate HTTPS certificates allowing a man-in-the-middle to intercept all requests. Any Altair users on untrusted networks (…
- CVE-2024-5445LOWCVSS 3.8EG 3.82024-08-12
Ecosystem Agent version 4 < 4.1.5.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not properly validate SSL/TLS certificates, which could allow a malicious actor to perform a Man-in-the-Middle and intercept traffic between the agent an…
- CVE-2024-54846MEDIUMCVSS 5.9EG 5.92025-01-10
An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack.
- CVE-2024-54847MEDIUMCVSS 5.9EG 5.92025-01-10
An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to access the Diffie-Hellman (DH) parameters and access sensitive data or execute a man-in-the-middle attack.
- CVE-2024-54848HIGHCVSS 7.4EG 7.42025-01-10
Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks.
- CVE-2024-54849MEDIUMCVSS 5.9EG 5.92025-01-10
An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private key and access sensitive data or execute a man-in-the-middle attack.
- CVE-2024-55581HIGHCVSS 7.4EG 7.42025-02-26
When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate (unless the using program specifies …
- CVE-2024-56521CRITICALCVSS 9.8EG 9.82024-12-27
An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely.
- CVE-2024-5918MEDIUMCVSS 4.3EG 4.32024-11-14
An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a diff…
- CVE-2024-5921HIGHCVSS 8.8EG 8.82024-11-27
An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an atta…
- CVE-2024-6001HIGHCVSS 8.1EG 8.12024-12-16
An improper certificate validation vulnerability was reported in LADM that could allow a network attacker with the ability to redirect an update request to a remote server and execute code with elevated privileges.
- CVE-2024-6156LOWCVSS 3.8EG 3.82024-12-06
Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.
- CVE-2024-6219LOWCVSS 3.8EG 3.82024-12-06
Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.
- CVE-2024-6472HIGHCVSS 7.8EG 7.82024-08-05
Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is o…
- CVE-2024-7206HIGHCVSS 7.0EG 7.02024-10-08
SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware
- CVE-2024-7383HIGHCVSS 7.4EG 5.92024-08-05
A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic.
- CVE-2024-7570HIGHCVSS 8.3EG 8.32024-08-13
Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user.
- CVE-2024-8007HIGHCVSS 8.1EG 7.52024-08-21
A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verificat…
- CVE-2024-8096MEDIUMCVSS 6.5EG 6.52024-09-11
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response…
- CVE-2024-8285MEDIUMCVSS 5.9EG 5.92024-08-30
A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a succe…
- CVE-2024-8287HIGHCVSS 7.5EG 7.52024-09-18
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent. An attacker must be able to machine-in-the-middle the Anbox Stream Agent from within an internal n…
- CVE-2024-9160MEDIUMCVSS 5.4EG 5.42024-09-27
In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered.
- CVE-2025-0239MEDIUMCVSS 4.0EG 4.02025-01-07
When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Thunderbird 134, and Thunderbird 128.6.
- CVE-2025-0254MEDIUMCVSS 5.9EG 5.92025-03-20
HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226. An attacker could intercept and potentially alter communication between two parties.
- CVE-2025-0309MEDIUMCVSS 6.0EG 6.02025-08-14
An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA…
- CVE-2025-0500HIGHCVSS 7.5EG 7.52025-01-15
An issue in the native clients for Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle.
- CVE-2025-0501HIGHCVSS 7.5EG 7.52025-01-15
An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle.
- CVE-2025-1001MEDIUMCVSS 5.7EG 5.72025-02-21
Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the update server's certificate which could allow an attacker to alter network traffic and carry out a machine-in-the-middle attack (MITM). An att…
- CVE-2025-1002MEDIUMCVSS 5.7EG 5.72025-02-10
MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's certificate, which could make it possible for attackers in a privileged network position to alter network traffic and carry out a machine-in-the-middl…
- CVE-2025-1014HIGHCVSS 8.8EG 8.82025-02-04
Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.
- CVE-2025-10495HIGHCVSS 7.5EG 7.52025-11-12
A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute ar…
- CVE-2025-10539MEDIUMCVSS 4.8EG 4.82026-04-28
Due to improper TLS certificate validation in the DeskTime Time Tracking App before version 1.3.674, attackers who can position themselves in the network path between the client and the DeskTime update servers can return a malicious execut…
Map vulnerabilities like CWE-295 to your infrastructure
EchelonGraph correlates every CVE — across CWE-295 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →