CWE-295: CWE-295
All CWE-295 CVEs (261)
Google Chrome cached TLS sessions before validating server certificates, allowing attackers to intercept and decrypt HTTPS traffic. This affects users...
Apr 13, 2017

CVE-2024-32865 is a TLS certificate validation vulnerability in exacqVision Server that allows man-in-the-middle attacks when connecting to devices. A...
Aug 1, 2024

This vulnerability in Strimzi allows Kafka Connect or Kafka MirrorMaker 2 operands to incorrectly trust all certificates in a CA chain when connecting...
Feb 20, 2026

This vulnerability allows attackers to perform Man-in-the-Middle attacks on DDNS update communications by exploiting improper TLS/SSL certificate vali...
Feb 3, 2026

This vulnerability allows unauthenticated remote attackers to perform Man-in-the-Middle attacks by intercepting HTTPS communications due to improper S...
Feb 3, 2026

This vulnerability in Amazon SageMaker Python SDK disables TLS certificate verification when importing Triton Python models, allowing HTTPS connection...
Feb 2, 2026

A certificate pinning bypass vulnerability in curl allows attackers to impersonate servers when specific conditions are met. The vulnerability affects...
Jan 8, 2026

This vulnerability allows attackers to perform man-in-the-middle attacks against SMTP email notifications in ASUSTOR ADM systems by exploiting imprope...
Dec 12, 2025

Traefik versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the ...
Dec 9, 2025

IBM Concert Software versions 1.0.0 through 1.1.0 have improper certificate validation, allowing man-in-the-middle attacks. This enables attackers to ...
Sep 1, 2025

Samsung Internet for Galaxy Watch version 5.0.9 has a TLS certificate validation vulnerability that allows attackers to impersonate any website via ma...
May 16, 2025

An improper certificate validation vulnerability in Cisco Catalyst SD-WAN Manager (formerly vManage) allows attackers to intercept Smart Licensing tra...
May 7, 2025

Dell BSAFE SSL-J contains an improper certificate verification vulnerability that could allow a remote attacker to intercept or manipulate encrypted c...
Feb 12, 2025

This vulnerability in CP Plus CP-VNR-3104 network video recorders allows attackers to access Diffie-Hellman parameters, potentially enabling man-in-th...
Jan 10, 2025

This vulnerability in CP Plus CP-VNR-3104 video network recorders allows attackers to obtain the second RSA private key, potentially enabling decrypti...
Jan 10, 2025

IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.9 fail to properly validate SSL/TLS certificates, allowing attackers to perform m...
Dec 18, 2024

IBM Concert versions 1.0.0 and 1.0.1 are vulnerable to cross-site request forgery (CSRF) and related attacks because they use cookies without the Same...
Oct 22, 2024

This vulnerability in S3Browser allows remote attackers to obtain sensitive information from S3-compatible storage systems through improper certificat...
Jul 9, 2024

This vulnerability in JetBrains YouTrack allows man-in-the-middle attacks due to improper certificate hostname validation in SMTPS protocol communicat...
May 16, 2024

CVE-2026-22613 is an insecure server identity check vulnerability in Eaton Network M3 firmware upgrade mechanism via command shell. This allows attack...
Feb 9, 2026

This CVE describes an insecure server identity check mechanism in Eaton G4 PDU firmware upgrades via command shell, allowing man-in-the-middle attacks...
Aug 6, 2025

This vulnerability allows a Man-in-the-Middle attacker to intercept or redirect NAT tunnel establishment due to improper SSL/TLS certificate validatio...
Feb 3, 2026

This vulnerability allows attackers to forge digital signatures in LibreOffice documents. An attacker can modify a signed ODF document to use an inval...
Mar 21, 2025

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS versions 5.24 has an improper certificate validation vulnerability. A low-privileged attacker wi...
Oct 18, 2024

This vulnerability in Cisco Webex Meetings allowed an unauthenticated attacker on the same local network to intercept and complete meeting-join reques...
Aug 6, 2025

IBM i Netserver has authentication and authorization validation flaws that could allow attackers to brute force credentials or bypass access controls....
May 7, 2025

Altium Designer 24.9.0 fails to validate self-signed server certificates for cloud connections, allowing man-in-the-middle attackers to intercept or m...
Jan 22, 2026

A TLS certificate validation vulnerability in libcurl where reusing easy or multi handles with altered CURLSSLOPT_NO_PARTIALCHAIN options could cause ...
Jan 8, 2026

A vulnerability in Lenovo Scanner Pro application allows attackers on the same logical network to access sensitive user files. This affects users of L...
Nov 12, 2025

IBM WebSphere Application Server 8.5 and 9.0 have a TLS security weakness that could allow attackers to downgrade or weaken TLS connections. This affe...
Aug 14, 2025

A heap-buffer-overread vulnerability in GnuTLS allows attackers to create malicious certificates with malformed Certificate Transparency extensions th...
Jul 10, 2025

This vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle attacker to downgrade the security mode of packets, enabling the attacker t...
Jul 9, 2024

This vulnerability allows malicious Certificate Authorities to bypass certificate policy checks by including invalid policies in leaf certificates. Wh...
Mar 28, 2023

This CVE describes an improper certificate validation vulnerability in the 'γγΈγ©γ’γγͺ' iOS app. Attackers can perform man-in-the-middle attac...
Nov 17, 2025

This vulnerability in Zoom Clients involves improper certificate validation that could allow an unauthenticated attacker on the same network to potent...
Nov 13, 2025

The WTW-EAGLE mobile app fails to properly validate SSL/TLS server certificates, allowing man-in-the-middle attackers to intercept and decrypt encrypt...
Sep 12, 2025

CVE-2025-58125 is an improper certificate validation vulnerability in the Checkmk Exchange plugin Freebox v6 agent. Attackers in a man-in-the-middle p...
Aug 28, 2025

This vulnerability allows attackers in a man-in-the-middle position to intercept traffic between Checkmk and Dell PowerScale systems due to improper c...
Aug 28, 2025

CVE-2025-58123 is an improper certificate validation vulnerability in the Checkmk Exchange BGP Monitoring plugin. Attackers in a man-in-the-middle pos...
Aug 28, 2025

This vulnerability allows remote unauthenticated attackers to perform man-in-the-middle attacks on HTTPS communications between FortiOS devices and Fo...
Mar 14, 2025

This vulnerability allows man-in-the-middle attackers to intercept and tamper with encrypted communications between FortiPortal and FortiManager/Forti...
Mar 14, 2025

This vulnerability allows a man-in-the-middle attacker to intercept and manipulate communications between FortiWeb WAF devices and external data sourc...
Jul 9, 2024

This vulnerability in TP-Link Tether and Tapo mobile apps allows remote attackers to intercept encrypted communications via man-in-the-middle attacks ...
May 22, 2024

This vulnerability in Yealink RPS (Remote Provisioning Service) allows attackers to upload invalid certificates due to insufficient content validation...
Jun 21, 2025

This CVE describes an improper certificate validation vulnerability in Synology BeeStation OS and DiskStation Manager update functionality. It allows ...
Mar 19, 2025

A vulnerability in Eugeny Tabby terminal emulator version 1.0.213 allows remote attackers to capture SSH credentials when connecting to malicious serv...
Jan 16, 2025

An improper certificate validation vulnerability in Palo Alto Networks PAN-OS allows an authorized user with a specially crafted client certificate to...
Nov 14, 2024

This CVE describes a TLS certificate validation bypass vulnerability in MongoDB servers. On Windows and Apple systems, MongoDB may accept client certi...
Nov 25, 2025

CISA Thorium versions before 1.1.2 fail to validate TLS certificates when connecting to Elasticsearch, allowing man-in-the-middle attacks. An unauthen...
Sep 17, 2025

The Nextcloud Desktop Client vulnerability allows attackers to bypass signature validation when a manipulated server sends an empty initial signature....
Nov 15, 2024

About CWE-295 (CWE-295)
Our database tracks 261 CVEs classified as CWE-295, with 38 rated critical and 147 rated high severity. The average CVSS score for CWE-295 vulnerabilities is 7.4.
External reference: View CWE-295 on MITRE CWE →