Weaknesses of type CWE-599
13 resultsCVE-2021-21374HIGHNimble fails to validate certificates due to insecure httpClient defaultsEPSS 1.0%CVE-2022-31105HIGHArgo CD's certificate verification is skipped for connections to OIDC providersEPSS 0.6%CVE-2024-40464HIGHAn issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smEPSS 0.6%CVE-2023-48052HIGHMissing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-inEPSS 0.3%CVE-2024-41265HIGHA TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequeEPSS 0.3%CVE-2026-25060HIGHOpenList Insecure TLS Default ConfigurationEPSS 0.2%CVE-2025-56230HIGHTencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component.EPSS 0.2%CVE-2025-12553CRITICALServer Certificate Verification DisabledEPSS 0.2%CVE-2025-56146MEDIUMIndian Bank IndSMART Android App 3.8.1 is vulnerable to Missing SSL Certificate Validation in NuWebViewActivity.EPSS 0.2%CVE-2025-63432MEDIUMXtooltech Xtool AnyScan Android Application 4.40.40 and prior is Missing SSL Certificate Validation. The application fails to properly validEPSS 0.1%CVE-2024-36755MEDIUMD-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL. This can EPSS 0.1%CVE-2024-41253HIGHgoframe v2.7.2 is configured to skip TLS certificate verification, possibly allowing attackers to execute a man-in-the-middle attack via theEPSS 0.1%CVE-2025-56232MEDIUMGOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the local network, DNS, or a proxy can perform EPSS 0.1%