Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-295 (证书验证不恰当) — Vulnerability Class 462

462 vulnerabilities classified as CWE-295 (证书验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-44549 SMTPS server hostname not checked when making TLS connection to SMTPS server — Apache Sling Commons Messaging Mail 7.4 -2021-12-14
CVE-2021-42027 Siemens SINUMERIK 信任管理问题漏洞 — SINUMERIK Edge 7.4 -2021-12-14
CVE-2021-34599 Improper Certificate Validation in CODESYS Git — CODESYS Git 7.4 High2021-12-01
CVE-2021-23167 Gallagher Command Centre Server信任管理问题漏洞 — Command Centre 8.1 High2021-11-18
CVE-2021-26320 AMD Platform Security Processor信任管理问题漏洞 — 1st Gen AMD EPYC™ 5.5 -2021-11-16
CVE-2021-22278 Certificate verification vulnerability in Update Manager of PCM600 Engineering Tool — PCM600 6.7 Medium2021-10-28
CVE-2021-25634 Timestamp Manipulation with Signature Wrapping — LibreOffice 7.5 -2021-10-12
CVE-2021-25633 Content Manipulation with Double Certificate Attack — LibreOffice 7.5 -2021-10-11
CVE-2021-40713 Adobe Experience Manager Improper Certificate Validation Could Lead to Man In The Middle Attack — Experience Manager 5.9 Medium2021-09-27
CVE-2021-37698 Missing TLS service certificate validation in GelfWriter, ElasticsearchWriter, InfluxdbWriter and Influxdb2Writer — icinga2 7.5 High2021-08-19
CVE-2021-32728 End-to-end encryption device setup did not verify public key — security-advisories 6.5 Medium2021-08-18
CVE-2021-22939 node core 信任管理问题漏洞 — Node 5.3 -2021-08-16
CVE-2021-3636 Red Hat OpenShift 授权问题漏洞 — openshift 4.6 -2021-07-30
CVE-2021-32755 Certificate pinning is not enforced on the web socket connection — wire-ios-transport 5.4 Medium2021-07-13
CVE-2021-31892 Siemens SINUMERIK 信任管理问题漏洞 — SINUMERIK Analyse MyCondition 7.4 -2021-07-13
CVE-2021-32727 End-to-end encryption device setup did not verify public key — security-advisories 5.7 Medium2021-07-12
CVE-2021-1134 Cisco DNA Center Certificate Validation Vulnerability — Cisco Digital Network Architecture Center (DNA Center) 9.1 -2021-06-29
CVE-2021-21571 Dell BIOSConnect信任管理问题漏洞 — UEFI BIOS https stack 5.9 Medium2021-06-24
CVE-2020-15732 Bitdefender 多款产品信任管理问题漏洞 — Total Security 6.5 Medium2021-06-22
CVE-2021-22895 Nextcloud 信任管理问题漏洞 — Nextcloud Desktop Client 5.9 -2021-06-11
CVE-2021-21559 Dell EMC NetWorker 信任管理问题漏洞 — NetWorker 7.1 High2021-06-08
CVE-2021-29504 Improper Certificate Validation in WP-CLI framework — wp-cli 9.1 Critical2021-06-07
CVE-2007-5967 Mozilla 信任管理问题漏洞 — Mozilla Firefox 8.1 -2021-05-17
CVE-2021-22138 Elasticsearch Logstash 信任管理问题漏洞 — Elasticsearch 3.7 -2021-05-13
CVE-2021-29495 Nim stdlib httpClient does not validate peer certificates by default — security 5.9 Medium2021-05-07
CVE-2021-20989 Fibaro Home Center Insufficient remote access server authorization — Fibaro Home Center 5.9 Medium2021-04-19
CVE-2021-3460 Motorola MH702 信任管理问题漏洞 — MH702x 8.1 High2021-04-13
CVE-2020-7924 Specific command line parameter might result in accepting invalid certificate — MongoDB Database Tools 4.2 Medium2021-04-12
CVE-2021-22511 Jenkins 信任管理问题漏洞 — Micro Focus Application Automation Tools Plugin - Jenkins plugin. 5.3 -2021-04-08
CVE-2021-21385 Disabled hostname verification and accepting self-signed certificates — mifos-mobile 8.8 High2021-03-24

Vulnerabilities classified as CWE-295 (证书验证不恰当) represent 462 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.