Falhas do tipo CWE-297
52 resultadosCVE-2024-37015HIGHAn issue was discovered in Ada Web Server 20.0. When configured to use SSL (which is not the default setting), the SSL/TLS used to establishEPSS 0.4%CVE-2024-49782MEDIUMIBM OpenPages improper certificate validationEPSS 0.3%CVE-2024-38324MEDIUMIBM Storage Defender improper certificate validationEPSS 0.3%CVE-2025-59060MEDIUMApache Ranger: Hostname verification bypass in NiFiRegistryClient and NifiClientEPSS 0.3%CVE-2018-19946MEDIUMThe vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this improper certificate validation vulnerabilitEPSS 0.3%CVE-2025-2190HIGHThe mobile application (com.transsnet.store) has a man-in-the-middle attack vulnerability, which may lead to code injection risks.EPSS 0.3%CVE-2026-43869HIGHApache Thrift: TSSLTransportFactory.java hostname verificationEPSS 0.3%CVE-2022-29082LOWDell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6EPSS 0.3%CVE-2022-48306MEDIUMGotham Chat IRC help does not validate hostnames in TLS certificatesEPSS 0.3%CVE-2026-54275LOWAIOHTTP: TLS Server Hostname Override Is Ignored When Reusing HTTPS ConnectionsEPSS 0.3%CVE-2026-41603HIGHApache Thrift: Java TSSLTransportFactory hostname verificationEPSS 0.3%CVE-2026-42790HIGHnameConstraints DNS bypass via subject CommonName fallback in public_key hostname verificationEPSS 0.2%CVE-2023-24568MEDIUM
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replaEPSS 0.2%CVE-2026-22747MEDIUMUnauthorized User Impersonation when Using X.509 Client CertificatesEPSS 0.2%CVE-2022-27890MEDIUMIt was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactoryEPSS 0.2%CVE-2025-68637CRITICALApache Uniffle: Insecure SSL Configuration in Uniffle HTTP ClientEPSS 0.2%CVE-2024-2462MEDIUMAllow attackers to intercept or falsify data exchanges between the client
and the serverEPSS 0.2%CVE-2022-48307MEDIUMIt was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactorEPSS 0.2%CVE-2023-34143MEDIUMImproper Validation of Certificate Vulnerability in Hitachi Device ManagerEPSS 0.2%CVE-2025-49015MEDIUMThe Couchbase .NET SDK (client library) before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK wEPSS 0.2%