Total
2455 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5573 | 1 Appstros | 1 Appstros - Free Gift Cards\! | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Appstros - FREE Gift Cards! (aka com.appstros.main) application 1.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7313 | 1 One You Fitness Project | 1 One You Fitness | 2025-04-12 | 5.4 MEDIUM | N/A |
| The One You Fitness (aka com.app_oneyou.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7461 | 1 Teknopoint | 1 A King Sperm By Dr. Seema Rao | 2025-04-12 | 5.4 MEDIUM | N/A |
| The A King Sperm by Dr. Seema Rao (aka com.wKingSperm) application 0.63.13384.23020 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7025 | 1 Whoisit | 1 Who-is-it\? Lite Name Caller Time Limited Free | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Who-is-it? Lite name caller time limited free (aka de.profiler.android.whoisit) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5863 | 1 Netmarble | 1 Mpang.gp | 2025-04-12 | 5.4 MEDIUM | N/A |
| The mpang.gp (aka air.com.cjenm.mpang.gp) application 4.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7452 | 1 Shaklee Product Catalog Project | 1 Shaklee Product Catalog | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Shaklee Product Catalog (aka com.wProductCatalog) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-8627 | 1 Polarssl | 1 Polarssl | 2025-04-12 | 5.0 MEDIUM | N/A |
| PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors. | |||||
| CVE-2014-2900 | 1 Yassl | 1 Cyassl | 2025-04-12 | 5.8 MEDIUM | N/A |
| wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate. | |||||
| CVE-2014-7777 | 1 Gcspublishing | 1 Slingshot Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Slingshot Forum (aka com.tapatalk.theslingshotforumcom) application 3.9.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5651 | 1 Kicksend | 1 Kicksend\ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Kicksend: Share & Print Photos (aka com.kicksend.android) application 3.3.2.18 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5902 | 1 Uacinemas | 1 Ua Cinemas - Mobile Ticketing | 2025-04-12 | 5.4 MEDIUM | N/A |
| The UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) application 2.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5791 | 1 Daumcorp | 1 Daum Cloud | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Daum Cloud (aka net.daum.android.cloud) application 1.6.18 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5962 | 1 Gamelikeapps | 1 Guess The Actor | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Guess The Actor (aka com.gamelikeinc.actors) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7774 | 1 Herbs \& Flowers Dictionary Project | 1 Herbs \& Flowers Dictionary | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Herbs & Flowers Dictionary (aka com.wHerbsNFlowersDictionary) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6800 | 1 Parentlink | 1 Bloom Township 206 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bloom Township 206 (aka net.parentlink.bloom) application 4.0.500 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6955 | 1 Misterpark | 1 Le Grand Bleu | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Le Grand Bleu (aka com.appzone468) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5626 | 1 Gameloft | 1 Brothers In Arms 2 Free\+ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Brothers In Arms 2 Free+ (aka com.gameloft.android.ANMP.GloftB2HM) application 1.2.0b for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5703 | 1 Slingo | 1 Slingo Lottery Challenge | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Slingo Lottery Challenge (aka com.slingo.slingolotterychallenge) application 1.0.34 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-3324 | 1 Lenovo | 6 Thinkserver Rd350, Thinkserver Rd450, Thinkserver Rd550 and 3 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an "encrypted remote KVM session," which allows man-in-the-middle attackers to spoof servers. | |||||
| CVE-2014-5615 | 1 Snapone | 1 Snap Secure | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Snap Secure (aka com.exclaim.snapsecure.app) application 9.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||