Total
2455 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-6763 | 1 Secondfiction | 1 Codename Birdgame | 2025-04-12 | 5.4 MEDIUM | N/A |
The Codename Birdgame (aka com.devsecondfictioncom.devsecondfictioncom.birdadhoc) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2012-6107 | 1 Apache | 1 Apache Axis2\/c | 2025-04-12 | 4.3 MEDIUM | N/A |
Apache Axis2/C does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||
CVE-2016-8889 | 1 Bitcoin Knots Project | 1 Bitcoin Knots | 2025-04-12 | 2.1 LOW | 6.2 MEDIUM |
In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history. | |||||
CVE-2014-5599 | 1 Withhive | 1 Tiny Farm | 2025-04-12 | 5.4 MEDIUM | N/A |
The Tiny Farm (aka com.com2us.tinyfarm.normal.freefull.google.global.android.common) application 2.02.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-6768 | 1 Anywhere Anytime Yoga Workout Project | 1 Anywhere Anytime Yoga Workout | 2025-04-12 | 5.4 MEDIUM | N/A |
The Anywhere Anytime Yoga Workout (aka com.bayart.yoga) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5882 | 1 Applica | 1 Homoo Ijiri | 2025-04-12 | 5.4 MEDIUM | N/A |
The Homoo Ijiri (aka jp.co.applica) application 3.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7026 | 1 Lifetimefitness | 1 Life Time Fitness | 2025-04-12 | 5.4 MEDIUM | N/A |
The LIFE TIME FITNESS (aka com.lifetimefitness.ltfmobile) application 1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7340 | 1 Pocketmags | 1 Old Bike Mart | 2025-04-12 | 5.4 MEDIUM | N/A |
The Old Bike Mart (aka com.magazinecloner.oldbike) application @7F08017E for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7362 | 1 Naranjascontocados | 1 Naranjas Con Tocados | 2025-04-12 | 5.4 MEDIUM | N/A |
The Naranjas Con Tocados (aka com.NaranjasConTocados.com) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5834 | 1 Mobiledeluxe | 1 Solitaire Deluxe | 2025-04-12 | 5.4 MEDIUM | N/A |
The Solitaire Deluxe (aka com.gosub60.solfree2) application 2.8.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7563 | 1 Tacticalforcellc | 1 Tactical Force Llc | 2025-04-12 | 5.4 MEDIUM | N/A |
The Tactical Force LLC (aka com.conduit.app_69f61a8852b046f2846054b30c4032a7.app) application 1.9.23.276 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-6718 | 1 Mymobileday1 | 1 My Mobile Day | 2025-04-12 | 5.4 MEDIUM | N/A |
The My Mobile Day (aka com.mymobileday) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7121 | 1 Magzter | 1 Dhanam | 2025-04-12 | 5.4 MEDIUM | N/A |
The Dhanam (aka com.magzter.dhanam) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-3302 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | 5.8 MEDIUM | N/A |
user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708. | |||||
CVE-2014-0866 | 1 Ibm | 2 Algo Credit Limits, Algorithmics | 2025-04-12 | 4.3 MEDIUM | N/A |
RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics sends cleartext credentials over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
CVE-2014-5668 | 1 Band | 1 Band -group Sharing \& Planning | 2025-04-12 | 5.4 MEDIUM | N/A |
The BAND -Group sharing & planning (aka com.nhn.android.band) application 3.2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5582 | 1 Makingmoneywithandroid | 1 Ingress Intel Helper | 2025-04-12 | 5.4 MEDIUM | N/A |
The Ingress Intel Helper (aka com.bb.ingressintel) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-6647 | 1 Santiagosarceda | 1 Elforro.com | 2025-04-12 | 5.4 MEDIUM | N/A |
The ElForro.com (aka com.tapatalk.elforrocom) application 2.4.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7799 | 1 Squishy Birds Project | 1 Squishy Birds | 2025-04-12 | 5.4 MEDIUM | N/A |
The Squishy birds (aka com.tatmob.squishybirds) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5321 | 1 Filemaker | 2 Filemaker Pro, Filemaker Pro Advanced | 2025-04-12 | 5.8 MEDIUM | N/A |
FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2319. |