CWE-295: Improper Certificate Validation
[Charts not reproduced: Yearly Trend; Top Affected Vendors]
All CWE-295 CVEs (260)
Jan 19, 2026: An improper certificate validation vulnerability in OPC-UA and ANSL over TLS clients in Automation Studio allows attackers to intercept and manipulate...
Dec 10, 2025: Aqara Hub devices fail to validate server certificates during HTTPS firmware downloads, allowing man-in-the-middle attackers to intercept update traff...
Dec 10, 2025: Aqara Hub devices fail to validate TLS server certificates during discovery and CoAP communications, allowing man-in-the-middle attackers to intercept...
Dec 9, 2025: This vulnerability allows attackers to perform man-in-the-middle attacks by exploiting missing server certificate validation in the IAM client of affe...
Oct 15, 2025: OpenSearch Data Prepper versions before 2.12.2 have a vulnerability where OpenSearch sink and source plugins automatically trust all SSL certificates ...
Aug 13, 2025: F5 Access for Android before version 3.1.2 fails to verify remote endpoint identity during HTTPS connections, allowing man-in-the-middle attacks. This...
Jul 10, 2025: Zoom Workplace for Linux versions before 6.4.13 have improper certificate validation that could allow an attacker to intercept communications and acce...
Jan 23, 2025: The ECOVACS HOME mobile app plugins for specific robot vacuum models fail to properly validate TLS certificates, allowing man-in-the-middle attackers ...
Jan 23, 2025: ECOVACS robotic lawnmowers and vacuums fail to properly validate TLS certificates, allowing unauthenticated attackers to intercept and manipulate TLS ...
Jan 10, 2025: This vulnerability in CP Plus CP-VNR-3104 network video recorders allows attackers to intercept and decrypt communications or perform man-in-the-middl...
Nov 15, 2024: This vulnerability allows an unauthenticated remote attacker to perform man-in-the-middle attacks against Cisco Expressway-C and TelePresence VCS devi...
Oct 18, 2024: This vulnerability in Bitdefender Total Security's HTTPS scanning feature incorrectly trusts certificates that aren't authorized to issue certificates...
Oct 18, 2024: This vulnerability in Bitdefender Total Security's HTTPS scanning allows attackers to perform Man-in-the-Middle attacks by intercepting communications...
Oct 18, 2024: This vulnerability in Bitdefender Total Security's HTTPS scanning feature improperly trusts DSA-signed certificates, allowing attackers to perform man...
Sep 27, 2024: The Checkmk Exchange plugin for MikroTik has improper certificate validation, allowing attackers in a man-in-the-middle position to intercept and pote...
Aug 5, 2024: CVE-2024-7383 is a TLS certificate verification flaw in libnbd that allows man-in-the-middle attacks on NBD (Network Block Device) traffic. This vulne...
Jul 9, 2024: This CVE describes an improper certificate validation vulnerability in FortiADC that allows remote unauthenticated attackers to perform Man-in-the-Mid...
Mar 27, 2024: This vulnerability allows man-in-the-middle attacks against Serverpod's non-web HTTP clients by bypassing TLS certificate validation. Attackers can in...
Feb 2, 2024: This vulnerability in Dell BSAFE cryptographic libraries allows attackers to potentially bypass security controls or decrypt sensitive data when crypt...
Dec 15, 2023: An improper certificate validation vulnerability in GitLab EE's experimental Smartcard authentication feature allows attackers to impersonate other us...
May 3, 2023: CVE-2023-24461 is an improper certificate validation vulnerability in F5 BIG-IP Edge Client for Windows and macOS that allows attackers to impersonate...
Jul 21, 2022: This vulnerability allows an unauthenticated remote attacker to perform man-in-the-middle attacks on SSL/TLS connections between Cisco Nexus Dashboard...
Mar 23, 2022: ALPACA is a TLS protocol confusion attack that allows man-in-the-middle attackers to redirect traffic between different services sharing compatible ce...
Feb 24, 2022: This vulnerability in Node.js allows attackers to bypass certificate name constraints by using arbitrary Subject Alternative Name (SAN) types, particu...
Feb 17, 2022: Traefik versions before 2.6.1 incorrectly handle TLS configuration when requests use fully qualified domain names (FQDNs) in the Host header, potentia...
Dec 14, 2021: Apache Sling Commons Messaging Mail versions before 2.0 lack server identity verification for SMTPS connections by default, allowing man-in-the-middle...
Dec 1, 2021: CVE-2021-34599 is a certificate validation vulnerability in CODESYS Git versions prior to V1.1.0.0 that allows man-in-the-middle attacks by not verify...
Jul 13, 2021: This vulnerability in multiple Siemens SINUMERIK industrial software products allows man-in-the-middle attacks due to improper SSL/TLS certificate val...
Jun 29, 2021: This vulnerability allows unauthenticated remote attackers to intercept and modify sensitive network client data by exploiting improper X.509 certific...
Mar 25, 2021: This OpenSSL vulnerability allows certificate chain validation to be bypassed when the X509_V_FLAG_X509_STRICT flag is explicitly set. It affects appl...
Feb 17, 2021: CVE-2021-26911 is a missing SSL certificate validation vulnerability in Canary Mail's IMAP implementation when using STARTTLS mode. This allows man-in...
Apr 13, 2024: This critical vulnerability in cym1102 nginxWebUI allows remote attackers to bypass certificate validation through manipulation of the nginxPath param...
Mar 10, 2025: CVE-2024-43107 is an improper certificate validation vulnerability in Gallagher's Milestone Integration Plugin that allows unauthenticated messages (i...
Dec 4, 2024: The UniFi iOS app (versions 10.17.7 and earlier) fails to properly validate certificates when managing standalone UniFi Access Points, allowing attack...
Sep 16, 2025: This vulnerability in the Kubernetes C# client allows attackers to bypass certificate validation, accepting forged certificates from any Certificate A...
Aug 1, 2025: The Vault TLS certificate authentication method fails to properly validate client certificates when configured with non-CA certificates as trusted cer...
Dec 9, 2024: Altair GraphQL Client desktop app versions before 8.0.5 fail to validate HTTPS certificates, allowing man-in-the-middle attackers to intercept all Gra...
Sep 10, 2024: This vulnerability allows remote unauthenticated attackers to perform man-in-the-middle attacks during ZTNA tunnel creation between FortiGate and Fort...
Apr 8, 2025: A privilege escalation vulnerability in Siemens License Server allows low-privileged users to gain higher permissions. This affects all Siemens Licens...
Sep 26, 2024: This CVE describes a false positive detection issue where HCL Traveler for Microsoft Outlook (HTMO.exe) is incorrectly flagged as malicious software b...
Jan 22, 2026: This vulnerability allows attackers to impersonate legitimate update servers for Nissan Leaf infotainment systems due to improper SSL certificate vali...
Dec 3, 2025: This vulnerability allows certificate authorities to issue certificates with wildcard SANs that bypass excluded subdomain constraints. It affects syst...
Sep 23, 2025: CleverControl employee monitoring software fails to validate TLS certificates during installation, allowing man-in-the-middle attackers to intercept d...
Sep 17, 2025: Dragonfly Manager versions before 2.1.0 have disabled TLS certificate verification in HTTP clients, making them vulnerable to man-in-the-middle attack...
Aug 6, 2025: This vulnerability allows man-in-the-middle attackers to intercept and modify CSV files containing IP-to-country mappings during download due to missi...
Jul 8, 2025: This vulnerability allows an authorized attacker to spoof their identity on Windows SMB networks by exploiting improper certificate validation. Attack...
May 28, 2025: libcurl versions 8.9.0 through 8.10.0 fail to verify TLS certificates for QUIC connections when URLs contain IP addresses instead of hostnames. This a...
May 22, 2025: A copy-paste error in OpenSSL 3.5 causes the '-addreject' option in the openssl x509 command to incorrectly mark certificates as trusted for specific ...
Jan 31, 2025: This vulnerability in ChargePoint Home Flex charging stations allows network-adjacent attackers to bypass SSL certificate validation, potentially enab...
Apr 13, 2017: Google Chrome cached TLS sessions before validating server certificates, allowing attackers to intercept and decrypt HTTPS traffic. This affects users...
About CWE-295
Our database tracks 260 CVEs classified as CWE-295, with 38 rated critical and 146 rated high severity. The average CVSS score for CWE-295 vulnerabilities is 7.4.
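Most client-side entries in the list above fall into two buckets: verification switched off outright (the OpenSearch Data Prepper, Dragonfly Manager, Altair GraphQL Client and Kubernetes C# client entries), or a chain that is accepted without being compared to the name or IP literal the client actually dialled (the F5 Access and Apache Sling Mail entries, and the libcurl QUIC entry, where the check was skipped for IP-literal URLs). The Python below is an added example for this page, not code from this database or from any vendor listed. It puts the insecure `ssl` context beside the hardened one, adds an audit check a test suite can run against the contexts an application builds, and implements the RFC 6125 SubjectAltName rules a client must apply itself when it uses a raw TLS socket: a wildcard covers only one complete leftmost label, and an IP literal matches only an iPAddress entry. The SAN tuples used in the usage block are constructed, in the shape `ssl.SSLSocket.getpeercert()` returns them.

```python
"""Added example: the recurring CWE-295 client mistakes beside the correct form.
Standard library only; nothing here is a vendor's own code.
"""
import ipaddress
import ssl
from typing import Iterable, Tuple


def insecure_client_context() -> ssl.SSLContext:
    """The pattern behind many entries above: chain and hostname checks both off."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False         # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE    # any certificate, presented by anyone, is accepted
    return ctx


def hardened_client_context() -> ssl.SSLContext:
    """Chain built to the system trust store, leaf identity checked by the library."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_is_safe(ctx: ssl.SSLContext) -> bool:
    """Audit check: True only if the chain is verified AND the identity is compared."""
    return bool(ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname)


def _dns_name_matches(pattern: str, host: str) -> bool:
    """RFC 6125 dNSName matching: '*' may stand only for the whole leftmost label."""
    pattern = pattern.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == host
    p_labels = pattern.split(".")
    h_labels = host.split(".")
    # Wildcard must be the entire first label, nowhere else, and must leave at least
    # two fixed labels so '*.com' never matches an arbitrary registrable domain.
    if p_labels[0] != "*" or "*" in pattern[1:] or len(p_labels) < 3:
        return False
    # '*.example.com' covers 'a.example.com' but neither 'a.b.example.com' nor 'example.com'.
    return len(h_labels) == len(p_labels) and h_labels[1:] == p_labels[1:]


def identity_matches(san: Iterable[Tuple[str, str]], target: str) -> bool:
    """Decide whether a SubjectAltName covers the endpoint the client dialled.

    `san` has the shape of getpeercert()['subjectAltName'], e.g.
    (('DNS', 'www.example.com'), ('IP Address', '203.0.113.10')).
    An IP literal in the URL must match an 'IP Address' entry; a 'DNS' entry
    that merely spells the same digits does not count.
    """
    try:
        ip = ipaddress.ip_address(target.strip("[]"))  # accept bracketed IPv6 literals
    except ValueError:
        ip = None
    for kind, value in san:
        if ip is not None:
            if kind != "IP Address":
                continue
            try:
                if ipaddress.ip_address(value) == ip:
                    return True
            except ValueError:
                continue
        elif kind == "DNS" and _dns_name_matches(value, target):
            return True
    return False


if __name__ == "__main__":
    # Constructed sample SAN, not taken from any real certificate.
    san = (("DNS", "*.example.com"), ("IP Address", "203.0.113.10"))
    print("hardened context safe:", context_is_safe(hardened_client_context()))
    print("insecure context safe:", context_is_safe(insecure_client_context()))
    print("api.example.com:", identity_matches(san, "api.example.com"))
    print("a.b.example.com:", identity_matches(san, "a.b.example.com"))
    print("203.0.113.10 via IP Address SAN:", identity_matches(san, "203.0.113.10"))
    print("203.0.113.10 via DNS SAN only:",
          identity_matches((("DNS", "203.0.113.10"),), "203.0.113.10"))
```

With `hardened_client_context()` the `ssl` module performs the identity comparison itself; `identity_matches` is what a client has to do by hand when it inspects `getpeercert()` after a handshake with `check_hostname` disabled, which is the configuration several of the listed products shipped.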
External reference: View CWE-295 on MITRE CWE →