Weaknesses of type CWE-295
695 resultsCVE-2025-66491MEDIUMTraefik has Inverted TLS Verification Logic in its ingress-nginx ProviderEPSS 0.2%CVE-2026-33308MEDIUMmod_gnutls missing key purpose check in client certificate verificationEPSS 0.2%CVE-2026-24933HIGHAn improper certificate validation vulnerability was found in ADM while sending HTTPS requests to the server.EPSS 0.2%CVE-2021-20327MEDIUMMongoDB Node.js client side field level encryption library may not be validating KMS certificateEPSS 0.2%CVE-2023-33861MEDIUMIBM Security ReaQta improper certificate validationEPSS 0.2%CVE-2025-2669MEDIUMMultiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data.EPSS 0.2%CVE-2025-64685HIGHIn JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosureEPSS 0.2%CVE-2023-50178HIGHAn improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3, 7.1 all versions, 7.0 all versions, 6.2 aEPSS 0.2%CVE-2025-2028MEDIUMLack of TLS validationEPSS 0.2%CVE-2024-30134MEDIUMHCL Traveler for Microsoft Outlook (HTMO) is susceptible to an application modification vulnerabilityEPSS 0.2%CVE-2024-41258MEDIUMAn issue was discovered in filestash v0.4. The usage of the ssh.InsecureIgnoreHostKey() disables host key verification, possibly allowing atEPSS 0.2%CVE-2026-24122LOWCosign Certificate Chain Expiry Validation Issue Allows Issuing Certificate Expiry to Be OverlookedEPSS 0.2%CVE-2025-10495HIGHA potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applicationEPSS 0.2%CVE-2024-32928MEDIUMThe libcurl CURLOPT_SSL_VERIFYPEER option was disabled on a subset of requests made by Nest production devices which enabled a potential manEPSS 0.2%CVE-2026-9259HIGHImproper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlierEPSS 0.2%CVE-2026-41132MEDIUMCKAN: No certificate validation on STMP connectionEPSS 0.2%CVE-2022-39334LOWnextcloudcmd incorrectly trusts bad TLS certificatesEPSS 0.2%CVE-2025-40744HIGHA vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 11). Affected applications do not properly validate cEPSS 0.2%CVE-2026-40557MEDIUMApache Storm Prometheus Reporter: Disabling TLS verification for Prometheus Reporter also disables it for all other connectionsEPSS 0.2%CVE-2023-38009MEDIUMIBM Cognos Analytics Mobile information disclosureEPSS 0.2%