Falhas do tipo CWE-295
695 resultadosCVE-2025-13052HIGHAn improper certificates validation vulnerability was found in the Notification settings of ADMEPSS 0.2%CVE-2025-65290HIGHAqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 fail to validate server certificates during HEPSS 0.2%CVE-2025-65291HIGHAqara Hub devices including Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, Camera Hub G3 4.1.9_0027 fail to validate server certificates in TLS conneEPSS 0.2%CVE-2026-40971MEDIUMWhen configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to thEPSS 0.2%CVE-2026-54100HIGHWindows-machine-config-operator: windows-machine-config-operator: ssh host key not verified enables credential theftEPSS 0.2%CVE-2024-47241MEDIUMDell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability. A low priEPSS 0.2%CVE-2026-24934MEDIUMAn improper certificate validation vulnerability was found in ADM while querying an external server for the device's WAN IP address.EPSS 0.2%CVE-2024-6156LOWMark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust storEPSS 0.2%CVE-2026-22613MEDIUMThe server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacEPSS 0.2%CVE-2026-34073LOWcryptography has incomplete DNS name constraint enforcement on peer namesEPSS 0.2%CVE-2024-48865HIGHQTS, QuTS heroEPSS 0.2%CVE-2025-52919MEDIUMIn Yealink RPS before 2025-05-26, the certificate upload function does not properly validate certificate content, potentially allowing invalEPSS 0.2%CVE-2025-67601HIGHRancher CLI skips TLS verification on Rancher CLI login commandEPSS 0.2%CVE-2024-6219LOWMark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restEPSS 0.2%CVE-2025-15323LOWTanium addressed an improper certificate validation vulnerability in Tanium Appliance.EPSS 0.2%CVE-2024-40590MEDIUMAn improper certificate validation vulnerability [CWE-295] in FortiPortal version 7.4.0, version 7.2.4 and below, version 7.0.8 and below, vEPSS 0.2%CVE-2023-50179MEDIUMAn improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2 all versions, 7.1 all versions, 7.0 all versions may allowEPSS 0.2%CVE-2026-3822HIGHTaipower|Taipower APP(Android) - Improper Certificate ValidationEPSS 0.2%CVE-2026-5263HIGHURI nameConstraints not enforced in ConfirmNameConstraints()EPSS 0.2%CVE-2026-35207MEDIUMdeepinid plugin in dde-control-center is configured to skip TLS certificate verification when downloading avatar from remote serverEPSS 0.1%