Weaknesses of type CWE-295
695 resultsCVE-2025-15557HIGHImproper Certificate Validation in TP-Link Tapo H100 and P100 Allows Man-in-the-Middle AttackEPSS 0.2%CVE-2026-40974MEDIUMSpring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL connection to Cassandra.
AffecteEPSS 0.2%CVE-2025-12765HIGHpgAdmin 4: LDAP authentication flow vulnerable to TLS certificate verification bypass.EPSS 0.2%CVE-2026-4587MEDIUMHybridAuth SSL Curl.php certificate validationEPSS 0.2%CVE-2021-26320—Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacEPSS 0.2%CVE-2026-6450LOWCRL critical extension bypass in ParseCRL_ExtensionsEPSS 0.2%CVE-2026-33542MEDIUMIncus does not verify combined fingerprint when downloading images from simplestreams serversEPSS 0.2%CVE-2026-3100HIGHAn improper certificate validation vulnerability was found in the FTP Backup on the ADM.EPSS 0.2%CVE-2023-6058HIGHHTTPS Certificate Validation Issue in Bitdefender Safepay (VA-11167)EPSS 0.2%CVE-2026-32627HIGHcpp-httplib has a Silent TLS Certificate Verification Bypass on HTTPS Redirect via ProxyEPSS 0.2%CVE-2023-49567HIGHInsecure Trust of certificates using collision hash functions in Bitdefender Total Security HTTPS Scanning (VA-11239)EPSS 0.2%CVE-2025-10539MEDIUMImproper TLS Certificate Validation RCE via Malicious Update in DeskTime Time Tracking AppEPSS 0.2%CVE-2025-54470HIGHNeuVector telemetry sender is vulnerable to MITM and DoSEPSS 0.2%CVE-2024-41724HIGHImproper Certificate Validation (CWE-295) in the Gallagher Command Centre SALTO integration allowed an attacker to spoof the SALTO server.
EPSS 0.2%CVE-2025-62371HIGHOpenSearch Data Prepper plugins trusts all SSL certificates by defaultEPSS 0.2%CVE-2024-54147MEDIUMAltair GraphQL Client's desktop app does not validate HTTPS certificatesEPSS 0.2%CVE-2024-43107HIGHImproper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP) permits unauthenticated messages (e.g. alarm eEPSS 0.2%CVE-2026-35389HIGHBulwark Webmail S/MIME signature verification accepted self-signed certificatesEPSS 0.2%CVE-2022-34404MEDIUM
Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with higEPSS 0.2%CVE-2024-8287HIGHAnbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent.EPSS 0.2%