Total
2452 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5746 | 1 Vkr Soft | 1 Government Best Jobs | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Government Best Jobs (aka com.wGovernmentBestJobs) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5799 | 1 Nonghyup | 1 Smart Card | 2025-04-12 | 5.4 MEDIUM | N/A |
| The smart.card (aka nh.smart.card) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6722 | 1 Clearfishing | 1 Pescuit Crap Lite | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Pescuit Crap Lite (aka ro.aventurilapescui.pescuitcrap.lite) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5676 | 1 Playrix | 1 Township | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Township (aka com.playrix.township) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5941 | 1 Armpit Spa \& Girl Games Project | 1 Armpit Spa \& Girl Games | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Armpit Spa & Girl Games (aka com.freegames.spamakeover) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6867 | 1 Sortir-en-alsace | 1 Sortir En Alsace | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Sortir en Alsace (aka com.axessweb.sortirenalsace) application 0.5b for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4825 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-04-12 | 4.3 MEDIUM | N/A |
| IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not properly implement secure connections, which allows man-in-the-middle attackers to discover cleartext credentials via unspecified vectors. | |||||
| CVE-2014-5860 | 1 Aximediasoft | 1 Slide Show Creator | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Slide Show Creator (aka com.amem) application 4.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5850 | 1 Kaavefali | 1 Kaave Fali | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Kaave Fali (aka com.didilabs.kaavefali) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5923 | 1 Statusvia | 1 Facebook Status Via | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Facebook Status Via (aka com.StatusViaAdvanced) application 3.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6906 | 1 Loli Chocolate Cake Project | 1 Loli Chocolate Cake | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Loli Chocolate Cake (aka com.alison.kang.chocolatecake) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4889 | 1 Diabetic Diet Guide Project | 1 Diabetic Diet Guide | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Diabetic Diet Guide (aka com.wDiabeticDietGuide) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-8840 | 1 Apple | 1 Iphone Os | 2025-04-12 | 6.8 MEDIUM | N/A |
| The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store. | |||||
| CVE-2014-7033 | 1 Curecos | 1 Cure Viewer | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Cure Viewer (aka com.livedoor.android.cureviewer) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5570 | 1 Aol | 1 Dailyfinance - Stocks \& News | 2025-04-12 | 5.4 MEDIUM | N/A |
| The DailyFinance - Stocks & News (aka com.aol.mobile.dailyFinance) application 2.0.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3908 | 1 Amazon | 1 Kindle | 2025-04-12 | 5.8 MEDIUM | N/A |
| The Amazon.com Kindle application before 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6964 | 1 Hyonga | 1 Hanyang University Admissions | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Hanyang University Admissions (aka kr.ac.hanyang.planner) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5444 | 1 Yorba | 1 Geary | 2025-04-12 | 4.3 MEDIUM | N/A |
| Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate. | |||||
| CVE-2014-5635 | 1 Createdineden | 1 Buy Yorkshire Conference | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Buy Yorkshire Conference (aka com.gotfocus.buyyorkshire) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7580 | 1 Thailand Investor News Project | 1 Thailand Investor News | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Thailand Investor News (aka nudecreative.thaistock.set) application 1.39s for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||