CWE-295: Improper Certificate Validation
All CWE-295 CVEs (258)
This vulnerability allows local attackers to bypass DRM content protection on Android devices by exploiting confusion between OEM and DRM certificates... (May 7, 2024)
This CVE describes a local privilege escalation vulnerability in Lenovo Vantage software where attackers can bypass integrity checks to execute arbitr... (Jan 19, 2024)
This vulnerability in BeyondTrust Privilege Management for Windows allows attackers to bypass certificate validation when publisher criteria is select... (Dec 12, 2023)
This vulnerability allows a malicious Android app to impersonate the system UWB resources component due to improper cryptographic implementation. This... (Oct 30, 2023)
This vulnerability in Android's WorkSource component involves a parcel mismatch that allows local privilege escalation without requiring user interact... (Mar 24, 2023)
This vulnerability allows attackers to intercept unencrypted update requests and deliver malicious packages to affected NETGEAR routers and Orbi WiFi ... (Jan 28, 2026)
LINE client for iOS versions before 15.4 has a critical SSL/TLS certificate validation bypass vulnerability in an integrated financial SDK. This allow... (Dec 15, 2025)
This CVE describes an authentication management vulnerability in Huawei's ArkWeb module that could allow attackers to bypass authentication mechanisms... (Aug 6, 2025)
A certificate validation bypass vulnerability in AWS-LC's PKCS7_verify() function allows unauthenticated attackers to bypass certificate chain verific... (Mar 2, 2026)
A TLS certificate validation vulnerability in Guardian Gryphon v01.06.0006.22 allows attackers to bypass authentication and execute arbitrary commands... (Feb 17, 2026)
This vulnerability in Sunbird-Ed portal version 1.13.4 disables TLS/SSL certificate validation, allowing attackers to intercept and potentially modify... (Feb 11, 2026)
This vulnerability allows network attackers to intercept SumatraPDF's update requests and deliver malicious installers due to disabled TLS hostname ve... (Feb 9, 2026)
DataHub's LDAP ingestion source is vulnerable to TLS downgrade attacks, allowing man-in-the-middle attackers to intercept and potentially modify LDAP ... (Feb 6, 2026)
This vulnerability in Go's HostnameError.Error() function allows a malicious certificate to cause excessive resource consumption through unbounded str... (Dec 2, 2025)
pgAdmin versions up to 9.9 have a vulnerability in LDAP authentication that allows attackers to bypass TLS certificate verification. This enables man-... (Nov 13, 2025)
This vulnerability in Lenovo client applications allows attackers on the same logical network to execute arbitrary code under certain conditions. It a... (Nov 12, 2025)
This vulnerability in Solid Edge SE2025 allows unauthenticated remote attackers to perform man-in-the-middle attacks by exploiting improper client cer... (Nov 11, 2025)
This vulnerability allows attackers who can intercept and modify traffic destined for affected NETGEAR routers to execute arbitrary commands on the de... (Nov 11, 2025)
This vulnerability in syslog-ng's TLS certificate validation allows improper wildcard matching patterns like 'foo.*.bar' and 'foo.a*c.bar' that should... (May 7, 2025)
This CVE describes a man-in-the-middle vulnerability in Amazon's remote desktop clients (WorkSpaces, AppStream 2.0, DCV) that could allow attackers to... (Jan 15, 2025)
This CVE describes a man-in-the-middle vulnerability in Amazon WorkSpaces native clients using the PCoIP protocol. Attackers could potentially interce... (Jan 15, 2025)
A vulnerability in FORT RPKI validator before version 1.6.3 allows a malicious RPKI repository to serve specially crafted ROA or Manifest data encoded... (Aug 24, 2024)
This vulnerability in Casdoor v1.636.0 allows attackers to bypass SSH host key verification, potentially enabling man-in-the-middle attacks and creden... (Aug 1, 2024)
IBM Security Verify Access Appliance versions 10.0.0 through 10.0.7 have a missing certificate validation vulnerability when deploying Open Source scr... (Apr 10, 2024)
This vulnerability allows network-adjacent attackers to execute arbitrary code on PDF-XChange Editor installations without user interaction. The updat... (Apr 1, 2024)
CVE-2023-4499 is an information disclosure vulnerability in HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) that co... (Oct 13, 2023)
This vulnerability involves multiple root CA certificates that should be disabled in Android systems. If exploited, it could allow remote attackers to... (Aug 14, 2023)
This vulnerability in 4D SAS 4D Server allows attackers to eavesdrop on network traffic and retrieve password hashes for all users. It affects 4D Serv... (Jun 16, 2023)
This vulnerability allows attackers to bypass certificate validation in Acronis products, potentially leading to man-in-the-middle attacks, sensitive ... (May 18, 2023)
This CVE describes an improper certificate validation vulnerability in FortiAnalyzer and FortiManager devices that allows remote unauthenticated attac... (Apr 11, 2023)
This OpenSSL vulnerability allows attackers to cause denial-of-service by exploiting certificate policy constraint processing. When enabled, malicious... (Mar 22, 2023)
LibreOffice improperly validates macro signatures by only checking certificate serial numbers and issuer strings, not the actual cryptographic signatu... (Jul 25, 2022)
IBM QRadar SIEM versions 7.3, 7.4, and 7.5 fail to properly validate SSL/TLS certificates for some inter-host communications. This allows attackers to... (Jul 20, 2022)
LemonLDAP::NG versions through 2.0.8 do not validate X.509 certificates when connecting to LDAP backends by default, allowing man-in-the-middle attack... (Jul 18, 2022)
CVE-2022-22549 is an improper certificate validation vulnerability in Dell PowerScale OneFS storage systems. Unauthenticated remote attackers can expl... (Apr 12, 2022)
The Jenkins Proxmox Plugin versions 0.6.0 and earlier disable SSL/TLS certificate validation globally for the entire Jenkins controller JVM when confi... (Mar 29, 2022)
CVE-2021-3698 is an authentication bypass vulnerability in Cockpit's SSSD certificate verification. It allows client certificates to authenticate succ... (Mar 10, 2022)
This vulnerability in wolfSSL allows TLS 1.3 clients to bypass mutual authentication requirements by omitting the certificate_verify message during ha... (Feb 24, 2022)
LibreOffice has an improper certificate validation vulnerability that allows attackers to modify digitally signed ODF documents and insert bogus signi... (Oct 12, 2021)
This vulnerability allows attackers to create digitally signed LibreOffice documents that appear valid but contain manipulated content unrelated to th... (Oct 11, 2021)
IBM Security Verify Bridge 1.0.5.0 has improper certificate validation that could allow attackers to intercept sensitive information. This affects org... (Sep 23, 2021)
This vulnerability in Mbed TLS allows attackers to bypass certificate validation by exploiting a parsing flaw where NULL algorithm parameters are inco... (Aug 23, 2021)
Patterson Eaglesoft dental practice management software versions 18-21 has a certificate authentication flaw where the same certificate is accepted ac... (Jul 30, 2021)
This vulnerability in HashiCorp Consul's Envoy proxy allows TLS connections to bypass service identity validation. Attackers could potentially interce... (Jul 17, 2021)
This vulnerability in Fossil SCM software allows attackers to perform man-in-the-middle attacks by bypassing TLS certificate hostname validation. When... (Jul 12, 2021)
CVE-2016-20011 is a TLS certificate verification bypass vulnerability in libgrss that allows attackers to perform man-in-the-middle attacks on RSS/Ato... (May 25, 2021)
HashiCorp Vault's Cassandra integrations failed to validate TLS certificates when connecting to Cassandra clusters, allowing man-in-the-middle attacks... (Apr 22, 2021)
Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 fail to properly purge certificate contents before logging, potentially exposing sensitive TLS certificat... (Mar 16, 2020)
This vulnerability allows man-in-the-middle attacks by disabling TLS/SSL certificate validation in jxcore jxm master. When 'jx_obj.IsSecure' is true, ... (Feb 23, 2026)
An improper certificate validation vulnerability in OPC-UA and ANSL over TLS clients in Automation Studio allows attackers to intercept and manipulate... (Jan 19, 2026)
About CWE-295
Our database tracks 258 CVEs classified as CWE-295, with 38 rated critical and 144 rated high severity. The average CVSS score for CWE-295 vulnerabilities is 7.4.
External reference: View CWE-295 on MITRE CWE →