Total
2448 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5642 | 1 Impi | 1 Impi Mobile Security | 2025-04-12 | 5.4 MEDIUM | N/A |
| The IMPI Mobile Security (aka com.impi) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6700 | 1 Nba | 1 Nba Game Time 2013-2014 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) application 4.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5747 | 1 Comcast | 1 Xfinity Constant Guard Mobile | 2025-04-12 | 5.4 MEDIUM | N/A |
| The XFINITY Constant Guard Mobile (aka com.whitesky.mobile.android) application 3.1.140603 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5593 | 1 Christiancafe | 1 Christian Dating Cafe | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Christian Dating Cafe (aka com.christiancafe.mobile.android) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5957 | 1 Linkyungame | 1 Alien War Survivors | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Alien War Survivors (aka com.ly.a13.gp) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7608 | 1 Carrierenterprise | 1 Carrier Enterprise Hvac Assist | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Carrier Enterprise HVAC Assist (aka com.es.CE) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-2306 | 1 Ecava | 1 Integraxor | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network. | |||||
| CVE-2016-6899 | 1 Huawei | 14 Rh1288 V3 Server, Rh1288 V3 Server Firmware, Rh2288 V3 Server and 11 more | 2025-04-12 | 4.3 MEDIUM | 7.5 HIGH |
| The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, RH2288H V3 servers with software before V100R003C00SPC515, RH5885 V3 servers with software before V100R003C10SPC102, and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSL encryption algorithm. | |||||
| CVE-2014-4632 | 1 Vmware | 1 Vsphere Data Protection | 2025-04-12 | 4.3 MEDIUM | N/A |
| VMware vSphere Data Protection (VDP) 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoof servers, and bypass intended backup and restore access restrictions, via a crafted certificate. | |||||
| CVE-2014-6655 | 1 Exoticpetnetwork | 1 Tortoise Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Tortoise Forum (aka org.tortoiseforum.android.forumrunner) application 3.5.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5859 | 1 Animoca | 1 Star Girl\ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Star Girl: Colors of Spring (aka com.animoca.google.starGirlSpring) application 3.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6783 | 1 Campustv | 1 Campus Link - Campus Tv Hkusu | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Campus Link - Campus TV HKUSU (aka com.campus.tv.hkusu) application 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5968 | 1 Igolf | 1 Igolf - Golf Gps | 2025-04-12 | 5.4 MEDIUM | N/A |
| The iGolf - Golf GPS (aka com.igolf) application 20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6830 | 1 Covetfashion | 1 Covet Fashion - Shopping Game | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Covet Fashion - Shopping Game (aka com.crowdstar.covetfashion) application 2.14.40 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5654 | 1 Kaspersky | 1 Kaspersky Internet Security | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7804 | 1 Apptreestudios | 1 Gangsta Auto Thief Iii | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Gangsta Auto Thief III (aka com.apptreestudios.gdup3) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6153 | 1 Ibm | 1 Websphere Service Registry And Repository | 2025-04-12 | 4.3 MEDIUM | N/A |
| The Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | |||||
| CVE-2014-7603 | 1 Graveydesign | 1 Gravey Design | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Gravey Design (aka com.dreamstep.wGraveyDesign) application 0.58.13357.54919 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7524 | 1 Bed And Breakfast Project | 1 Bed And Breakfast | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bed and Breakfast (aka com.wbedandbreakfastapp) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5321 | 1 Filemaker | 2 Filemaker Pro, Filemaker Pro Advanced | 2025-04-12 | 5.8 MEDIUM | N/A |
| FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2319. | |||||