Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-295 (证书验证不恰当) — Vulnerability Class 462

462 vulnerabilities classified as CWE-295 (证书验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-37437 Ingest Actions UI in Splunk Enterprise 9.0.0 disabled TLS certificate validation — Splunk Enterprise 7.4 High2022-08-16
CVE-2022-34865 Traffic intelligence feeds vulnerability CVE-2022-34865 — BIG-IP 4.8 Medium2022-08-04
CVE-2022-31183 mTLS client verification is skipped in fs2 on Node.js — fs2 9.1 Critical2022-08-01
CVE-2022-26305 Execution of Untrusted Macros Due to Improper Certificate Validation — LibreOffice 7.5 -2022-07-25
CVE-2022-20860 Cisco Nexus Dashboard SSL Certificate Validation Vulnerability — Cisco Nexus Dashboard 7.4 High2022-07-21
CVE-2022-32210 IBM App Connect Enterprise 信任管理问题漏洞 — https://github.com/nodejs/undici 6.5 -2022-07-14
CVE-2022-31105 Argo CD's certificate verification is skipped for connections to OIDC providers — argo-cd 8.3 High2022-07-12
CVE-2014-8164 Red Hat CloudForms Management Engine 信任管理问题漏洞 — Red Hat CloudForms 9.1 -2022-07-06
CVE-2022-32152 Splunk Enterprise lacked TLS cert validation for Splunk-to-Splunk communication by default — Splunk Enterprise 8.1 High2022-06-15
CVE-2022-32151 Splunk Enterprise disabled TLS validation using the CA certificate stores in Python 3 libraries by default — Splunk Enterprise 7.4 High2022-06-15
CVE-2022-32156 Splunk Enterprise and Universal Forwarder CLI connections lacked TLS cert validation — Splunk Enterprise 8.1 High2022-06-14
CVE-2020-26184 Dell BSAFE Micro Edition Suite 信任管理问题漏洞 — Dell BSAFE Micro Edition Suite 7.5 High2022-06-01
CVE-2022-29222 Improper Certificate Validation in Pion DTLS — dtls 5.9 Medium2022-05-21
CVE-2013-10001 HTC One/Sense Mail Client certificate validation — One 4.8 Medium2022-05-17
CVE-2022-24901 Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter — parse-server 7.5 High2022-05-04
CVE-2021-3898 Motorola Ready For 信任管理问题漏洞 — Device Help Android App 6.8 Medium2022-04-22
CVE-2022-22549 Dell Technologies Dell PowerScale OneFS 信任管理问题漏洞 — PowerScale OneFS 7.5 High2022-04-12
CVE-2022-0759 ManageIQ MiqExpression 信任管理问题漏洞 — kubeclient 8.1 -2022-03-25
CVE-2021-3618 F5 Nginx 信任管理问题漏洞 — ALPACA 9.1 -2022-03-23
CVE-2021-3698 Cockpit 信任管理问题漏洞 — cockpit 7.5 -2022-03-08
CVE-2021-44533 nodejs 信任管理问题漏洞 — Node 7.5 -2022-02-24
CVE-2021-44531 nodejs 信任管理问题漏洞 — Node 7.5 -2022-02-24
CVE-2022-21654 Incorrect configuration handling allows TLS session re-use without re-validation in Envoy — envoy 7.4 High2022-02-22
CVE-2022-21657 X.509 Extended Key Usage and Trust Purposes bypass in Envoy — envoy 6.8 Medium2022-02-22
CVE-2022-21656 X.509 subjectAltName matching bypass in Envoy — envoy 7.4 High2022-02-22
CVE-2022-23649 Improper Certificate Validation in Cosign — cosign 3.3 Low2022-02-18
CVE-2022-23632 Traefik skips the router TLS configuration when the host header is an FQDN — traefik 7.4 High2022-02-17
CVE-2022-24320 EcoStruxure Geo SCADA Expert 信任管理问题漏洞 — ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStruxure Geo SCADA Expert 2020 (All Versions) 5.9 -2022-02-09
CVE-2022-24319 EcoStruxure Geo SCADA Expert 信任管理问题漏洞 — ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStruxure Geo SCADA Expert 2020 (All Versions) 5.9 -2022-02-09
CVE-2021-21959 Sealevel Systems SeaConnect 370W 信任管理问题漏洞 — Sealevel 8.1 -2022-02-04

Vulnerabilities classified as CWE-295 (证书验证不恰当) represent 462 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.