Total
2452 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7376 | 1 Facebook Profits On Steroids Project | 1 Facebook Profits On Steroids | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Facebook Profits on Steroids (aka com.wFacebookProfitsonSteroids) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5930 | 1 Singtel | 1 Store And Share | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Store and Share (aka sg.com.singnet.mystorage.android) application 2.0.18 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5654 | 1 Kaspersky | 1 Kaspersky Internet Security | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6994 | 1 Atecea | 1 Atecea | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Atecea (aka com.atecea) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6667 | 1 Racemotocross Project | 1 Racemotocross | 2025-04-12 | 5.4 MEDIUM | N/A |
| The racemotocross (aka com.bossappsmk.racemotocross) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6656 | 1 Drar-eym | 1 Drareym | 2025-04-12 | 5.4 MEDIUM | N/A |
| The drareym (aka com.drareym) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5954 | 1 Sbi | 1 State Bank Anywhere | 2025-04-12 | 5.4 MEDIUM | N/A |
| The State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-7040 | 2 Apple, Python | 2 Mac Os X, Python | 2025-04-12 | 4.3 MEDIUM | N/A |
| Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1150. | |||||
| CVE-2012-6661 | 2 Plone, Zope | 2 Plone, Zope | 2025-04-12 | 5.0 MEDIUM | N/A |
| Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2). | |||||
| CVE-2014-7040 | 1 Unicreditgroup | 1 Unicredit Investors | 2025-04-12 | 5.4 MEDIUM | N/A |
| The UniCredit Investors (aka eu.unicreditgroup.brand.ucinvestors) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5706 | 1 Somcloud | 1 Somnote - Journal\/memo | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SomNote - Journal/Memo (aka com.somcloud.somnote) application 2.1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5595 | 1 Withhive | 1 Actionpuzzlefamily For Kakao | 2025-04-12 | 5.4 MEDIUM | N/A |
| The actionpuzzlefamily for Kakao (aka com.com2us.actionpuzzlefamily.kakao.freefull.google.global.android.common) application 1.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7647 | 1 Mygoodhotels | 1 Booking Discount | 2025-04-12 | 5.4 MEDIUM | N/A |
| The BOOKING DISCOUNT (aka com.wmygoodhotelscom) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6022 | 1 Versentbooks | 1 Versent Books | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Versent Books (aka com.versentbooks) application 1.1.99 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7481 | 1 Etghosting | 1 Etg Hosting | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ETG Hosting (aka com.etg.web.hosting) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7414 | 1 Magzter | 1 Cleo Malaysia | 2025-04-12 | 5.4 MEDIUM | N/A |
| The CLEO Malaysia (aka com.magzter.cleomalaysia) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7559 | 1 Instatalks | 1 Instatalks | 2025-04-12 | 5.4 MEDIUM | N/A |
| The InstaTalks (aka com.natrobit.instatalks) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-5655 | 1 Adways | 1 Party Track Sdk | 2025-04-12 | 5.8 MEDIUM | N/A |
| The Adways Party Track SDK before 1.6.6 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6944 | 1 Mitfahrgelegenheit | 1 Mitfahrgelegenheit.at | 2025-04-12 | 5.4 MEDIUM | N/A |
| The mitfahrgelegenheit.at (aka com.carpooling.android.at) application 2.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7718 | 1 Magzter | 1 Travel\+leisure | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Travel+Leisure (aka com.magzter.travelleisure) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||