Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-295 (证书验证不恰当) — Vulnerability Class 462

462 vulnerabilities classified as CWE-295 (证书验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2019-5102 OpenWrt 信任管理问题漏洞 — OpenWRT 4.0 Medium2019-11-18
CVE-2019-5101 OpenWrt 信任管理问题漏洞 — OpenWRT 4.0 Medium2019-11-18
CVE-2019-3685 Missing TLS certificate validation for HTTPS connections in osc — Open Build Service 7.4 High2019-11-05
CVE-2019-0054 Junos OS: SRX Series: An attacker may be able to perform Man-in-the-Middle (MitM) attacks during app-id signature updates. — Junos OS 6.8 Medium2019-10-09
CVE-2019-3751 Dell EMC Enterprise Copy Data Management 信任管理问题漏洞 — Dell EMC Enterprise Copy Data Management (eCDM) 7.4 -2019-09-03
CVE-2019-1948 Cisco Webex Meetings Mobile (iOS) SSL Certificate Validation Vulnerability — Cisco WebEx Meetings for iOS 5.9 -2019-08-21
CVE-2019-3890 Evolution EWS 信任管理问题漏洞 — evolution-ews 6.5 -2019-08-01
CVE-2019-7615 Elasticsearch Elastic APM agent for Ruby 信任管理问题漏洞 — Elastic APM agent for Ruby 7.4 -2019-07-30
CVE-2019-1010275 helm 信任管理问题漏洞 — helm 9.1 -2019-07-17
CVE-2018-5408 PrinterLogic Print Management Software fails to validate the management portal SSL certificates — Management Software 7.4 -2019-05-08
CVE-2019-1590 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Insecure Fabric Authentication Vulnerability — Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode 8.1 -2019-05-03
CVE-2019-1757 Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability — Cisco IOS and IOS XE Software 5.9 -2019-03-28
CVE-2019-1748 Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability — Cisco IOS and IOS XE Software 7.4 -2019-03-27
CVE-2019-3814 Dovecot 信任管理问题漏洞 — dovecot 5.3 -2019-03-27
CVE-2019-3841 kubevirt containerized data importer 安全漏洞 — kubevirt/virt-cdi-importer 5.9 -2019-03-25
CVE-2019-3777 Apps Manager unverified SSL certs in Cloud Controller proxy — Apps Manager 9.1 -2019-03-07
CVE-2019-1683 Cisco SPA112, SPA525, and SPA5x5 Series IP Phones Certificate Validation Vulnerability — Cisco Small Business SPA500 Series IP Phones 7.4 -2019-02-25
CVE-2019-1659 Cisco Prime Infrastructure Certificate Validation Vulnerability — Cisco Prime Infrastructure 4.0 -2019-02-21
CVE-2018-0434 Cisco SD-WAN Solution Certificate Validation Vulnerability — Cisco SD-WAN Solution 7.4 -2018-10-05
CVE-2016-7075 Red Hat OpenShift Enterprise 信任管理问题漏洞 — OpenShift 9.8 -2018-09-10
CVE-2017-7513 Red Hat Satellite 安全漏洞 — Red Hat Satellite 4.2 -2018-08-22
CVE-2017-13105 Hi Security Virus Cleaner - Antivirus, Booster, 3.7.1.1329, 2017-09-13, Android application accepts all SSL certificates during SSL communication — Virus Cleaner - Antivirus, Booster 5.9 -2018-08-15
CVE-2017-2648 CloudBees Jenkins SSH Slaves插件安全漏洞 — jenkins-ssh-slaves-plugin 5.6 -2018-07-27
CVE-2017-2649 CloudBees Jenkins Active Directory插件安全漏洞 — Active Directory Jenkins plugin 8.1 -2018-07-27
CVE-2017-2629 Haxx curl和libcurl 安全漏洞 — curl 5.9 -2018-07-27
CVE-2017-2623 rpm-ostree和rpm-ostree-client 安全漏洞 — rpm-ostree, 5.3 -2018-07-27
CVE-2017-2639 Red Hat CloudForms 安全漏洞 — CloudForms 7.5 -2018-07-27
CVE-2017-7562 MIT krb5 信任管理问题漏洞 — krb5 6.5 -2018-07-26
CVE-2017-3182 On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack — SDK 6.8 -2018-07-24
CVE-2017-7468 Haxx curl/libcurl 安全漏洞 — curl 9.1 -2018-07-16

Vulnerabilities classified as CWE-295 (证书验证不恰当) represent 462 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.