Total
2452 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7472 | 1 Mascov | 1 Csapp - Colegio San Agustin | 2025-04-12 | 5.4 MEDIUM | N/A |
| The CSApp - Colegio San Agustin (aka com.goodbarber.csapp) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5601 | 1 1800contacts | 1 1800contacts App | 2025-04-12 | 5.4 MEDIUM | N/A |
| The 1800CONTACTS App (aka com.contacts1800.ecomapp) application 2.7.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6989 | 1 Germanwings | 1 Germanwings | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Germanwings (aka com.germanwings.android) application 2.1.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7581 | 1 Quotes Of Travis Barker Project | 1 Quotes Of Travis Barker | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Quotes of Travis Barker (aka com.celebrity_quotes.travisbarker) application 0.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5968 | 1 Igolf | 1 Igolf - Golf Gps | 2025-04-12 | 5.4 MEDIUM | N/A |
| The iGolf - Golf GPS (aka com.igolf) application 20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0350 | 1 Pocoproject | 1 Poco C\+\+ Libraries | 2025-04-12 | 6.4 MEDIUM | N/A |
| The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate. | |||||
| CVE-2014-7056 | 1 Yeast Infection Project | 1 Yeast Infection | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Yeast Infection (aka com.wyeastinfectionapp) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7407 | 1 Mygamedaytix | 1 Game Day Tix | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Game Day Tix (aka com.xcr.android.mygamedaytickets) application 2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6761 | 1 Pimpstore | 1 Aprende A Meditar | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Aprende a Meditar (aka com.rareartifact.aprendeameditar544CB0A2) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5830 | 1 Farm Frenzy Gold Project | 1 Farm Frenzy Gold | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Farm Frenzy Gold (aka com.herocraft.game.farmfrenzy.gold) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-5717 | 1 Siemens | 1 Compas | 2025-04-12 | 5.8 MEDIUM | N/A |
| The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6889 | 1 Gunbroker | 1 Gunbroker.com | 2025-04-12 | 5.4 MEDIUM | N/A |
| The GunBroker.com (aka com.gunbroker.android) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6848 | 1 Synology | 1 Ds File | 2025-04-12 | 5.4 MEDIUM | N/A |
| The DS file (aka com.synology.DSfile) application 4.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5982 | 1 Runkeeper | 1 Runkeeper - Gps Track Run Walk | 2025-04-12 | 5.4 MEDIUM | N/A |
| The RunKeeper - GPS Track Run Walk (aka com.fitnesskeeper.runkeeper.pro) application 4.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5898 | 1 Heavy Duty Truck Driver Simulator 3d Project | 1 Heavy Duty Truck Driver Simulator 3d | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Heavy Duty Truck Driver Simulator 3D (aka com.oas.heavy.duty.truck.driver.simulator3d) application 1.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6676 | 1 Hdcar | 1 Exercitii Pentru Abdomen | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Exercitii pentru abdomen (aka com.rareartifact.exercitiipentruabdomen41E29322) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6675 | 1 Rutaexacta | 1 Ruta Exacta | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Ruta Exacta (aka com.rutaexacta.m) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-5084 | 1 Animas | 2 Onetouch Ping, Onetouch Ping Firmware | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| Johnson & Johnson Animas OneTouch Ping devices do not use encryption for certain data, which might allow remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2014-6862 | 1 Gencat | 1 Artacces | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ArtAcces (aka cat.gencat.mobi.artacces) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5704 | 1 Dish | 1 Dish Anywhere | 2025-04-12 | 5.4 MEDIUM | N/A |
| The DISH Anywhere (aka com.sm.SlingGuide.Dish) application 3.5.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||