Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-295 (证书验证不恰当) — Vulnerability Class 462

462 vulnerabilities classified as CWE-295 (证书验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-27257 Netgear NETGEAR R7800 信任管理问题漏洞 — R7800 8.1 -2021-03-05
CVE-2021-20328 MongoDB Java driver client-side field level encryption not verifying KMS host name — mongo-java-driver 6.4 Medium2021-02-25
CVE-2021-20327 MongoDB Node.js client side field level encryption library may not be validating KMS certificate — MongoDB Node.js Driver mongodb-client-encryption module 6.4 Medium2021-02-25
CVE-2021-20230 Stunnel 信任管理问题漏洞 — stunnel 7.5 -2021-02-23
CVE-2021-1354 Cisco Unified Computing System Central Software Improper Certificate Validation Vulnerability — Cisco Unified Computing System Central Software 4.3 Medium2021-02-04
CVE-2021-1276 Cisco Data Center Network Manager Certificate Validation Vulnerabilities — Cisco Data Center Network Manager 7.5 High2021-01-20
CVE-2021-1277 Cisco Data Center Network Manager Certificate Validation Vulnerabilities — Cisco Data Center Network Manager 7.5 High2021-01-20
CVE-2020-25680 Apache httpd 信任管理问题漏洞 — JBCS httpd 7.1 -2021-01-07
CVE-2020-8289 Backblaze 信任管理问题漏洞 — Backblaze 8.8 -2020-12-27
CVE-2020-8286 HAXX libcurl 信任管理问题漏洞 — https://github.com/curl/curl 5.3 -2020-12-14
CVE-2012-0955 software-properties incorrectly validated TLS certificates — software-properties 6.8 Medium2020-12-02
CVE-2020-8279 Nextcloud 信任管理问题漏洞 — Nextcloud Social 7.4 -2020-11-19
CVE-2020-27648 Synology DiskStation Manager 信任管理问题漏洞 — DiskStation Manager (DSM) 8.3 High2020-10-29
CVE-2020-27649 Synology Router Manager 信任管理问题漏洞 — Synology Router Manager (SRM) 8.3 High2020-10-29
CVE-2020-3557 Cisco Firepower Management Center Software Denial of Service Vulnerability — Cisco Firepower Management Center 5.3 Medium2020-10-21
CVE-2020-6781 Improper Certificate Validation in Bosch Smart Home System App for iOS — Smart Home 6.8 Medium2020-09-16
CVE-2018-19946 QNAP Systems TS-870 安全漏洞 — Helpdesk 4.2 Medium2020-09-11
CVE-2020-15133 Missing TLS certificate verification in Faye Websocket — faye-websocket 8.0 High2020-07-31
CVE-2020-15134 Missing TLS certificate verification in Faye — faye 8.0 High2020-07-31
CVE-2020-10925 NETGEAR R6700 信任管理问题漏洞 — R6700 8.1 -2020-07-28
CVE-2020-5367 Dell EMC Unisphere for PowerMax 信任管理问题漏洞 — Unisphere for PowerMax, Unisphere for PowerMax Virtual Appliance, PowerMax OS 7.4 High2020-06-23
CVE-2020-3342 Cisco Webex Meetings Desktop App for Mac Update Feature Code Execution Vulnerability — Cisco WebEx Meetings Server 8.8 -2020-06-18
CVE-2020-8156 Nextcloud Mail 信任管理问题漏洞 — Nextcloud Mail 7.0 -2020-05-12
CVE-2020-10059 UpdateHub Module Explicitly Disables TLS Verification — zephyr 4.8 Medium2020-05-11
CVE-2020-12144 The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated — 1. Unity EdgeConnect, NX, VX 2. Unity Orchestrator  3. EdgeConnect in AWS, Azure, GCP 6.0 Medium2020-05-05
CVE-2020-12143 The certificate used to identify Orchestrator to EdgeConnect devices is not validated — 1. Unity EdgeConnect, NX, VX 2. Unity Orchestrator,   3. EdgeConnect in AWS, Azure, GCP 6.0 Medium2020-05-05
CVE-2020-7922 Kubernetes Operator generates potentially insecure certificates — MongoDB Enterprise Kubernetes Operator 6.4 Medium2020-04-09
CVE-2020-3155 Cisco Intelligent Proximity SSL Certificate Validation Vulnerability — Cisco Jabber IM for Android 7.4 -2020-03-04
CVE-2019-15604 Node.js 信任管理问题漏洞 — Node 7.5 -2020-02-07
CVE-2017-14806 Insecure handling of repodata and packages in SUSE Studio onlite — Studio onsite 3.7 Low2020-01-27

Vulnerabilities classified as CWE-295 (证书验证不恰当) represent 462 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.