CWE-295: Improper Certificate Validation

Total CVEs: 255
Critical:   38
High:       141
Avg CVSS:   7.4

Yearly Trend

Year  CVEs
2026  38
2025  90
2024  48
2023  31
2022  19

Top Affected Vendors

 1. IBM               10
 2. Fortinet           7
 3. Debian             7
 4. Google             6
 5. LibreOffice        6
 6. QNAP               6
 7. HashiCorp          5
 8. Dell               5
 9. Asustor            5
10. Linux Foundation   4

All CWE-295 CVEs (255)

CVE-2025-1014 | CVSS 8.8 | Feb 4, 2025
A certificate validation vulnerability in Mozilla products allows improper certificate length checking when adding certificates to a certificate store...

CVE-2022-32509 | CVSS 8.8 | May 14, 2024
This vulnerability allows attackers to intercept and tamper with data transmitted to Nuki smart lock devices due to lack of certificate validation in ...

CVE-2023-35721 | CVSS 8.8 | May 3, 2024
This vulnerability in NETGEAR routers allows network-adjacent attackers to exploit improper certificate validation in the HTTPS update functionality. ...

CVE-2022-27644 | CVSS 8.8 | Mar 29, 2023
CVE-2022-27644 is a certificate validation vulnerability in NETGEAR R6700v3 routers that allows network-adjacent attackers to intercept HTTPS download...

CVE-2021-37218 | CVSS 8.8 | Sep 7, 2021
This vulnerability allows non-server agents in HashiCorp Nomad clusters to access server-only Raft RPC functionality, enabling privilege escalation. A...

CVE-2021-20695 | CVSS 8.8 | Apr 26, 2021
This vulnerability in D-Link DAP-1880AC firmware allows remote authenticated attackers to bypass certificate chain of trust validation, potentially ga...

CVE-2024-41724 | CVSS 8.7 | Mar 10, 2025
This vulnerability allows attackers to spoof the SALTO server in Gallagher Command Centre systems due to improper certificate validation. Attackers co...

CVE-2023-5422 | CVSS 8.7 | Oct 16, 2023
This vulnerability in OTRS and OTRS Community Edition allows attackers to intercept email communications by using invalid or expired SSL/TLS certifica...

CVE-2023-43082 | CVSS 8.6 | Nov 22, 2023
Dell Unity storage systems prior to version 5.3 contain a man-in-the-middle vulnerability in the vmadapter component. Attackers can spoof vCenter cert...

CVE-2025-44018 | CVSS 8.3 | Nov 24, 2025
This CVE describes a firmware downgrade vulnerability in GL-Inet GL-AXT1800 routers where attackers can perform man-in-the-middle attacks to deliver m...

CVE-2025-6032 | CVSS 8.3 | Jun 24, 2025
This vulnerability in Podman's machine init command allows man-in-the-middle attacks by failing to verify TLS certificates when downloading VM images ...

CVE-2022-31105 | CVSS 8.3 | Jul 12, 2022
Argo CD versions 0.4.0 through 2.4.4 (excluding patched versions) have improper certificate validation for OpenID Connect providers, allowing attacker...

CVE-2025-71063 | CVSS 8.2 | Jan 12, 2026
Errands versions before 46.2.10 fail to validate TLS certificates when connecting to CalDAV servers, allowing man-in-the-middle attackers to intercept...

CVE-2024-40702 | CVSS 8.2 | Jan 7, 2025
This vulnerability in IBM Cognos Controller and IBM Controller allows unauthorized users to obtain valid authentication tokens due to improper certifi...

CVE-2023-43017 | CVSS 8.2 | Feb 7, 2024
This vulnerability in IBM Security Verify Access allows a privileged user to install a configuration file that could enable remote access, potentially...

CVE-2021-41028 | CVSS 8.2 | Dec 16, 2021
This vulnerability allows an unauthenticated attacker on the same network to perform a man-in-the-middle attack between FortiClientEMS and FortiClient...

CVE-2025-67752 | CVSS 8.1 | Feb 25, 2026
OpenEMR versions before 7.0.4 have disabled SSL/TLS certificate verification by default in their HTTP client, making all HTTPS connections vulnerable ...

CVE-2026-21228 | CVSS 8.1 | Feb 10, 2026
This vulnerability allows an unauthorized attacker to execute arbitrary code over a network by exploiting improper certificate validation in Azure Loc...

CVE-2026-1530 | CVSS 8.1 | Feb 2, 2026
A vulnerability in fog-kubevirt allows remote attackers to perform Man-in-the-Middle attacks by intercepting communications between Satellite and Open...

CVE-2026-1531 | CVSS 8.1 | Feb 2, 2026
This vulnerability in foreman_kubevirt disables SSL certificate verification by default when connecting to OpenShift without an explicitly set CA cert...

CVE-2025-40801 | CVSS 8.1 | Dec 9, 2025
This vulnerability in Siemens industrial software products allows man-in-the-middle attacks due to missing TLS certificate validation in the SALT SDK....

CVE-2024-31853 | CVSS 8.1 | Jul 8, 2025
SICAM TOOLBOX II fails to validate extended key usage attributes in TLS certificates, allowing attackers to perform man-in-the-middle attacks. This af...

CVE-2025-28169 | CVSS 8.1 | Apr 23, 2025
BYD QIN PLUS DM-i vehicles running Dilink OS versions 3.0_13.1.7.2204050.1 through 3.0_13.1.7.2312290.1_0 send unencrypted broadcasts to manufacturer ...

CVE-2024-42193 | CVSS 8.1 | Apr 15, 2025
HCL BigFix Web Reports has improper SSL certificate validation, allowing man-in-the-middle attacks. Attackers could intercept and manipulate HTTPS com...

CVE-2025-1193 | CVSS 8.1 | Feb 10, 2025
CVE-2025-1193 is a certificate validation vulnerability in Devolutions Remote Desktop Manager that allows man-in-the-middle attacks. Attackers can int...

CVE-2024-47258 | CVSS 8.1 | Feb 6, 2025
2N Access Commander versions 2.1 and earlier fail to verify TLS certificates from 2N edge devices by default, allowing man-in-the-middle attackers to ...

CVE-2024-51774 | CVSS 8.1 | Nov 2, 2024
qBittorrent versions before 5.0.1 fail to properly validate HTTPS certificates, allowing connections to proceed even when certificate validation error...

CVE-2024-8007 | CVSS 8.1 | Aug 21, 2024
This vulnerability in Red Hat OpenStack Platform director allows attackers to deploy compromised container images by disabling TLS certificate verific...

CVE-2023-38356 | CVSS 8.1 | Sep 19, 2023
MiniTool Power Data Recovery 11.6 has an insecure installation process vulnerable to man-in-the-middle attacks, allowing attackers to intercept and re...

CVE-2023-38354 | CVSS 8.1 | Sep 19, 2023
MiniTool Shadow Maker version 4.1 has an insecure installation process vulnerable to man-in-the-middle attacks, allowing attackers to intercept and mo...

CVE-2023-38351 | CVSS 8.1 | Sep 19, 2023
MiniTool Partition Wizard 12.8 has an insecure installation mechanism that allows attackers to perform man-in-the-middle attacks during software updat...

CVE-2023-30729 | CVSS 8.1 | Sep 6, 2023
This vulnerability in Samsung Email allows attackers to perform man-in-the-middle attacks by exploiting improper certificate validation. Attackers can...

CVE-2023-3615 | CVSS 8.1 | Jul 17, 2023
The Mattermost iOS app fails to properly validate TLS server certificates during WebSocket connection initialization, allowing network attackers to pe...

CVE-2023-31190 | CVSS 8.1 | Jul 11, 2023
The DroneScout ds230 Remote ID receiver has an improper authentication vulnerability during firmware updates where it doesn't validate TLS certificate...

CVE-2023-20881 | CVSS 8.1 | May 19, 2023
This vulnerability allows authenticated Cloud Foundry users to overwrite syslog drain credentials of other users if they know the client certificate u...

CVE-2023-31484 | CVSS 8.1 | Apr 29, 2023
CVE-2023-31484 is a TLS certificate verification bypass vulnerability in CPAN.pm that allows man-in-the-middle attackers to intercept and modify softw...

CVE-2023-31486 | CVSS 8.1 | Apr 29, 2023
HTTP::Tiny versions before 0.083 have an insecure default TLS configuration that does not verify SSL/TLS certificates by default, requiring users to e...

CVE-2022-1805 | CVSS 8.1 | Jul 28, 2022
This vulnerability allows man-in-the-middle attackers to intercept and potentially manipulate connections between PCoIP Zero Clients and Amazon Worksp...

CVE-2022-32156 | CVSS 8.1 | Jun 15, 2022
Splunk Enterprise and Universal Forwarder versions before 9.0 do not validate TLS certificates by default when the CLI connects to remote Splunk insta...

CVE-2022-32152 | CVSS 8.1 | Jun 15, 2022
Splunk Enterprise and Splunk Cloud Platform versions before 9.0 and 8.2.2203 respectively did not validate TLS certificates during Splunk-to-Splunk co...

CVE-2021-23167 | CVSS 8.1 | Nov 18, 2021
This vulnerability allows man-in-the-middle attackers to intercept and potentially decrypt sensitive communications between Gallagher Command Centre s...

CVE-2021-32581 | CVSS 8.1 | Aug 5, 2021
This vulnerability allows man-in-the-middle attackers to intercept and manipulate communications between Acronis products and their servers due to mis...

CVE-2021-3460 | CVSS 8.1 | Apr 13, 2021
Motorola MH702x devices before version 2.0.0.301 fail to properly validate SSL/TLS server certificates when communicating with the support server. Thi...

CVE-2021-27098 | CVSS 8.1 | Mar 5, 2021
This vulnerability in SPIRE allows authenticated agents to request X.509 certificates for SPIFFE IDs they're not authorized to distribute. Attackers w...

CVE-2025-11695 | CVSS 8.0 | Oct 13, 2025
This vulnerability in MongoDB Rust Driver disables TLS certificate validation when tlsInsecure=False appears in connection strings, allowing man-in-th...

CVE-2024-1052 | CVSS 8.0 | Feb 5, 2024
Boundary and Boundary Enterprise are vulnerable to session hijacking through TLS certificate tampering. Attackers with specific privileges can craft T...

CVE-2024-4762 | CVSS 7.8 | Dec 16, 2024
This vulnerability allows a local attacker to escalate privileges through improper validation in the firmware update mechanism of LADM and LDCC compon...

CVE-2024-6472 | CVSS 7.8 | Aug 5, 2024
This vulnerability in LibreOffice's certificate validation UI could allow users to inadvertently run malicious signed macros when certificate verifica...

CVE-2024-0042 | CVSS 7.8 | May 7, 2024
This vulnerability allows local attackers to bypass DRM content protection on Android devices by exploiting confusion between OEM and DRM certificates...

CVE-2023-6043 | CVSS 7.8 | Jan 19, 2024
This CVE describes a local privilege escalation vulnerability in Lenovo Vantage software where attackers can bypass integrity checks to execute arbitr...

About CWE-295 (Improper Certificate Validation)

Our database tracks 255 CVEs classified as CWE-295, with 38 rated critical and 141 rated high severity. The average CVSS score for CWE-295 vulnerabilities is 7.4.

External reference: CWE-295 on MITRE CWE.
