Total
2452 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7592 | 1 Fanshawec | 1 Fol | 2025-04-12 | 5.4 MEDIUM | N/A |
| The FOL (aka com.desire2learn.fol.mobile.app.campuslife.directory) application 3.0.729.1459 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5774 | 1 Web Browser \& Explorer Project | 1 Web Browser \& Explorer | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Web Browser & Explorer (aka internetexplorer.browser.webexplorer) application 4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5928 | 1 Steganos | 1 Steganos Online Shield Vpn | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Steganos Online Shield VPN (aka com.steganos.onlineshield) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7628 | 1 Priorswood | 1 Acorn Comms | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Acorn Comms (aka com.acorncomms.app) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-4442 | 1 Pwgen Project | 1 Pwgen | 2025-04-12 | 5.0 MEDIUM | N/A |
| Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers. | |||||
| CVE-2014-7431 | 1 Standardchartered | 1 Breeze Jersey | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Breeze Jersey (aka com.sc.breezeje.banking) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5983 | 1 Threadflip | 1 Threadflip Buy Sell Fashion | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Threadflip : Buy, Sell Fashion (aka com.threadflip.android) application 1.1.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6670 | 1 Singaporemotherhood | 1 Singaporemotherhood Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SingaporeMotherhood Forum (aka com.tapatalk.singaporemotherhoodcomforum) application 3.6.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7793 | 1 Cb - Calciatori Brutti Project | 1 Cb - Calciatori Brutti | 2025-04-12 | 5.4 MEDIUM | N/A |
| The CB - Calciatori Brutti (aka com.calciatori.brutti) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5917 | 1 Grassapper | 1 Slideshow 365 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Slideshow 365 (aka com.Slideshow) application 3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7590 | 1 Webpromoexperts | 1 Webpromoexperts | 2025-04-12 | 5.4 MEDIUM | N/A |
| The WebPromoExperts (aka ua.com.webpromoexperts) application 1.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7759 | 1 Nobexrc | 1 Jazz Lovers Radio | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Jazz Lovers Radio (aka com.nobexinc.wls_99273254.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5845 | 1 Thirdwire | 1 Strike Fighters Israel | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Strike Fighters Israel (aka com.thirdwire.strikefighters.mideast.android) application 1.2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7420 | 1 Magzter | 1 Just Bureaucracy | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Just Bureaucracy (aka com.magzter.justbureaucracy) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6847 | 1 Horoscopesanddreams | 1 Horoscopes And Dreams | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Horoscopes and Dreams (aka com.horoscopesanddreams) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6962 | 1 Publicstuff | 1 Elk Grove Publicstuff | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Elk Grove PublicStuff (aka com.wassabi.elkgrove) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7724 | 1 Chemssou Blink Project | 1 Chemssou Blink | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Chemssou Blink (aka com.chemssou.blink) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0139 | 1 Haxx | 2 Curl, Libcurl | 2025-04-12 | 5.8 MEDIUM | N/A |
| cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. | |||||
| CVE-2014-6658 | 1 Apploi | 1 Apploi Job Search- Find Jobs | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Apploi Job Search- Find Jobs (aka com.apploi) application 4.19 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7135 | 1 Ayuntamientodecoana | 1 Ayuntamiento De Coana | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Ayuntamiento de Coana (aka com.wInfoCoa) application 0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||