Fallos del tipo CWE-295
695 resultadosCVE-2025-50944HIGHAn issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew.checkServerTrusted in AVTECH EagleEyes 2.0.0. The custom X5EPSS 0.2%CVE-2025-54607HIGHAuthentication management vulnerability in the ArkWeb module.
Impact: Successful exploitation of this vulnerability may affect service confiEPSS 0.2%CVE-2023-47742MEDIUMIBM QRadar Suite information dislosureEPSS 0.2%CVE-2024-53846MEDIUMssl fails to validate incorrect extened key usageEPSS 0.2%CVE-2024-23928MEDIUMPioneer DMH-WT7600NEX Telematics Improper Certificate ValidationEPSS 0.2%CVE-2023-31151MEDIUMImproper Certificate ValidationEPSS 0.2%CVE-2023-32994LOWJenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOraEPSS 0.2%CVE-2026-1778HIGHTLS disabled by default in select aws/sagemaker-python-sdk configurationsEPSS 0.2%CVE-2025-6433CRITICALWebAuthn would allow a user to sign a challenge on a webpage with an invalid TLS certificateEPSS 0.2%CVE-2022-22380MEDIUMIBM Security Verify Privilege improper authenticationEPSS 0.2%CVE-2025-65830CRITICALDue to a lack of certificate validation, all traffic from the mobile application can be intercepted. As a result, an adversary located "upstEPSS 0.2%CVE-2025-20157MEDIUMCisco Catalyst vManage Certificate Validation VulnerabilityEPSS 0.2%CVE-2025-69412LOWKDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API (aka phishing API), which miEPSS 0.2%CVE-2025-7390CRITICALBypass the client certificate trust check of an opc.https server while only secure communication is allowedEPSS 0.2%CVE-2026-42789HIGHNon-CA certificate accepted as intermediate issuer in public_key path validationEPSS 0.2%CVE-2023-6055HIGHImproper Certificate Validation in Bitdefender Total Security HTTPS Scanning (VA-11158)EPSS 0.2%CVE-2025-5279HIGHIssue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider pluginEPSS 0.2%CVE-2024-6472HIGHAbility to trust not validated macro signatures removed in high security modeEPSS 0.2%CVE-2026-6860MEDIUMA TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard nameEPSS 0.2%CVE-2024-10444HIGHImproper certificate validation vulnerability in the LDAP utilities in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-EPSS 0.2%