Total
2452 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5677 | 1 Pointinside | 1 Point Inside Shopping \& Travel | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Point Inside Shopping & Travel (aka com.pointinside.android.app) application 3.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7562 | 1 Healthadvocate | 1 Health Advocate Smarthelp | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Health Advocate SmartHelp (aka com.healthadvocate.ui) application 3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7083 | 1 Jiujik | 1 Jiu Jik | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Jiu Jik (aka com.scmp.jiujik) application 1.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7447 | 1 Dattch | 1 Dattch - The Lesbian App | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dattch - The Lesbian App (aka com.dattch.dattch.app) application 0.30 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5369 | 1 Enigmail | 1 Enigmail | 2025-04-12 | 4.3 MEDIUM | N/A |
| Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2014-6814 | 1 Sentinels Randomizer Project | 1 Sentinels Randomizer | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Sentinels Randomizer (aka com.mikehipps.sentinelsrandomizer) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7475 | 1 Drifty | 1 Ionic View | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Ionic View (aka com.ionic.viewapp) application 0.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5764 | 1 Nq | 1 Antivirus Free | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Antivirus Free (aka com.zrgiu.antivirus) application 7.2.16.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6023 | 1 S-peek | 1 S-peek Credit Rating Report | 2025-04-12 | 5.4 MEDIUM | N/A |
| The s-peek credit rating report (aka com.rhomobile.speek) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-8495 | 1 Citrix | 1 Xenmobile | 2025-04-12 | 5.0 MEDIUM | N/A |
| Citrix XenMobile MDX Toolkit before 9.0.4, when used to wrap iOS 8 applications, does not properly encrypt cached application data, which allows context-dependent attackers to obtain sensitive information by reading the cache. | |||||
| CVE-2014-1210 | 1 Vmware | 1 Vsphere Client | 2025-04-12 | 5.8 MEDIUM | N/A |
| VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate. | |||||
| CVE-2016-1618 | 1 Google | 1 Chrome | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| Blink, as used in Google Chrome before 48.0.2564.82, does not ensure that a proper cryptographicallyRandomValues random number generator is used, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. | |||||
| CVE-2014-7003 | 1 Goodwinproject | 1 Goodwin | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Goodwin (aka com.goodwin.Goodwin) application 1.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6846 | 1 Intelitycorp | 1 Four Seasons Beverly Hills | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Four Seasons Beverly Hills (aka com.intelitycorp.FourSeasons.android.ice) application @7F050007 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5551 | 1 Ilearnwith | 1 Alphabet \& Spelling Kids Games | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Alphabet & Spelling Kids Games (aka air.com.tribalnova.ilearnwith.ipad.App1En) application 1.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7012 | 1 Coffee-inn | 1 Coffee Inn | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Coffee Inn (aka lt.lemonlabs.android.coffeeinn) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5629 | 1 Gameresort | 1 Stupid Zombies | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Stupid Zombies (aka com.gameresort.stupidzombies) application 1.12 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7344 | 1 Pocketmags | 1 Classic Arms \& Militaria | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Classic Arms & Militaria (aka com.magazinecloner.classicarmsandm) application @7F080193 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6875 | 1 Woodforest | 1 Woodforest Mobile Banking | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Woodforest Mobile Banking (aka com.woodforest) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5642 | 1 Impi | 1 Impi Mobile Security | 2025-04-12 | 5.4 MEDIUM | N/A |
| The IMPI Mobile Security (aka com.impi) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||