Total
2452 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7113 | 1 Nasa Universe Wallpapers Xeus Project | 1 Nasa Universe Wallpapers Xeus | 2025-04-12 | 5.4 MEDIUM | N/A |
| The NASA Universe Wallpapers Xeus (aka com.xeusNASA) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7398 | 1 Buronya | 1 Dil Bilgisi Kurallari | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dil Bilgisi Kurallari (aka com.buronya.dilbilgisi) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5861 | 1 Skout | 1 Boyahoy - Gay Chat | 2025-04-12 | 5.4 MEDIUM | N/A |
| The BoyAhoy - Gay Chat (aka com.boyahoy.android) application 4.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0103 | 2 Fedoraproject, Zarafa | 3 Fedora, Webapp, Zarafa | 2025-04-12 | 2.1 LOW | N/A |
| WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files. | |||||
| CVE-2014-7585 | 1 Gcspublishing | 1 Biplane Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Biplane Forum (aka com.gcspublishing.biplaneforum) application 3.7.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7521 | 1 Mobiloapps | 1 Anderson Musaamil | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Anderson Musaamil (aka com.app_andersonmusaamil.layout) application 1.400 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7011 | 1 Nwtc | 1 Nwtc Mobile | 2025-04-12 | 5.4 MEDIUM | N/A |
| The NWTC Mobile (aka com.dub.app.nwtc) application 1.4.17 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7613 | 1 Pocketmags | 1 Wasps Official Programmes | 2025-04-12 | 5.4 MEDIUM | N/A |
| The WASPS Official Programmes (aka com.triactivemedia.wasps) application @7F080130 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7090 | 1 Vcccd | 1 Myvcccd | 2025-04-12 | 5.4 MEDIUM | N/A |
| The MyVCCCD (aka com.dub.app.ventura) application 1.4.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6825 | 1 Teatrofrancoparenti | 1 Teatro Franco Parenti | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Teatro Franco Parenti (aka com.mintlab.mx.teatroparenti) application 1.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7402 | 1 Encardirect | 1 Sk Encar | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SK encar (aka com.encardirect.app) application @7F050000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2011-3152 | 1 Canonical | 2 Ubuntu Linux, Update-manager | 2025-04-12 | 6.4 MEDIUM | N/A |
| DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade tarball, which allows man-in-the-middle attackers to (1) create or overwrite arbitrary files via a directory traversal attack using a crafted tar file, or (2) bypass authentication via a crafted meta-release file. | |||||
| CVE-2014-6787 | 1 Counterintuition | 1 Counter Intuition | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Counter Intuition (aka com.counter.intuition) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4900 | 1 Mig | 1 Migme | 2025-04-12 | 5.4 MEDIUM | N/A |
| The migme (aka com.projectgoth) application 4.03.002 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5573 | 1 Appstros | 1 Appstros - Free Gift Cards\! | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Appstros - FREE Gift Cards! (aka com.appstros.main) application 1.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7313 | 1 One You Fitness Project | 1 One You Fitness | 2025-04-12 | 5.4 MEDIUM | N/A |
| The One You Fitness (aka com.app_oneyou.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7461 | 1 Teknopoint | 1 A King Sperm By Dr. Seema Rao | 2025-04-12 | 5.4 MEDIUM | N/A |
| The A King Sperm by Dr. Seema Rao (aka com.wKingSperm) application 0.63.13384.23020 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7025 | 1 Whoisit | 1 Who-is-it\? Lite Name Caller Time Limited Free | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Who-is-it? Lite name caller time limited free (aka de.profiler.android.whoisit) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5863 | 1 Netmarble | 1 Mpang.gp | 2025-04-12 | 5.4 MEDIUM | N/A |
| The mpang.gp (aka air.com.cjenm.mpang.gp) application 4.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7452 | 1 Shaklee Product Catalog Project | 1 Shaklee Product Catalog | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Shaklee Product Catalog (aka com.wProductCatalog) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||