Total
2460 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5937 | 1 Freediyhomeimprovement | 1 Social Networking | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Social Networking (aka com.wSocialNetworkingSites) application 0.33.13320.99980 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0102 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 5.2 MEDIUM | N/A |
| The keyring_detect_cycle_iterator function in security/keys/keyring.c in the Linux kernel through 3.13.6 does not properly determine whether keyrings are identical, which allows local users to cause a denial of service (OOPS) via crafted keyctl commands. | |||||
| CVE-2014-5602 | 1 Magzter | 1 Magzter -magazine \& Book Store | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Magzter -Magazine & Book Store (aka com.dci.magzter) application 3.31 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5598 | 1 Withhive | 1 Puzzle Family | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Puzzle Family (aka com.com2us.puzzlefamily.up.freefull.google.global.android.common) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7694 | 1 Fastappz | 1 Corvette Museum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Corvette Museum (aka com.app_corvettemuseum.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7598 | 1 Poker Puzzle Project | 1 Poker Puzzle | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Poker Puzzle (aka com.sharpiq.pokerpuzzle) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4391 | 1 Apple | 1 Mac Os X | 2025-04-12 | 6.8 MEDIUM | N/A |
| The Code Signing feature in Apple OS X before 10.10 does not properly handle incomplete resource envelopes in signed bundles, which allows remote attackers to bypass intended app-author restrictions by omitting an execution-related resource. | |||||
| CVE-2015-0285 | 1 Openssl | 1 Openssl | 2025-04-12 | 4.3 MEDIUM | N/A |
| The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force attack. | |||||
| CVE-2013-0173 | 1 Theforeman | 1 Foreman | 2025-04-12 | 5.0 MEDIUM | N/A |
| Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attackers to guess the password via a brute force attack. | |||||
| CVE-2014-6680 | 1 Superheroquiz Project | 1 Superheroquiz | 2025-04-12 | 5.4 MEDIUM | N/A |
| The superheroquiz (aka com.davidhey.superheroquiz) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4447 | 1 Apple | 1 Os X Server | 2025-04-12 | 1.9 LOW | N/A |
| Profile Manager in Apple OS X Server before 4.0 allows local users to discover cleartext passwords by reading a file after a (1) profile setup or (2) profile edit occurs. | |||||
| CVE-2014-7701 | 1 Abine | 1 Donottrackme - Mobile Privacy | 2025-04-12 | 5.4 MEDIUM | N/A |
| The DoNotTrackMe - Mobile Privacy (aka com.abine.dnt) application 1.1.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5781 | 1 Playscape | 1 Bouncy Bill Easter Tales | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bouncy Bill Easter Tales (aka mominis.Generic_Android.Bouncy_Bill_Easter_Tales) application 1.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7589 | 1 Icbc | 1 Industrial And Commercial Bank Of China | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Industrial and Commercial Bank of China (ICBC) Banking (aka com.icbc.android) application 2.40 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5527 | 1 Tapjoy | 1 Tapjoy Library | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Tapjoy library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5858 | 1 Candy Blast Project | 1 Candy Blast | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Candy Blast (aka com.appgame7.candyblast) application 1.1.001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7439 | 1 Beneplus | 1 Bene\+ Odmeny A Slevy | 2025-04-12 | 5.4 MEDIUM | N/A |
| The bene+ odmeny a slevy (aka cz.gemoney.bene.android) application 1.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6685 | 1 Netjapan | 1 Tsushima Travel Guide | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Tsushima Travel Guide (aka com.netjapan.ntsushima) application 1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7689 | 1 Longluntan | 1 Gzonerc - The Rc Hobby Hub | 2025-04-12 | 5.4 MEDIUM | N/A |
| The GzoneRC - The RC Hobby Hub (aka com.wGzoneRC) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7048 | 1 Bearidlock | 1 Bear Id Lock | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bear ID Lock (aka com.wBearIDLock) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||