Total
2450 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7533 | 1 Notredame | 1 Notredame Seguradora | 2025-04-12 | 5.4 MEDIUM | N/A |
| The NotreDame Seguradora (aka br.com.notredame.mobile.NotreDame) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6885 | 1 Usbank | 1 Academy Sports \+ Outdoors Visa | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Academy Sports + Outdoors Visa (aka com.usbank.icsmobile.academysports) application 1.18 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5971 | 1 Fiksu | 1 Fiksu Library | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Fiksu library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7435 | 1 Onesolutionapps | 1 Ajd Bail Bonds | 2025-04-12 | 5.4 MEDIUM | N/A |
| The AJD Bail Bonds (aka com.onesolutionapps.ajdbailbondsandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5664 | 1 Mobilityware | 1 Spider Solitaire | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Spider Solitaire (aka com.mobilityware.spider) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7053 | 1 Citystar | 1 City Star Me | 2025-04-12 | 5.4 MEDIUM | N/A |
| The City Star ME (aka com.citystarme) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-1731 | 1 Apple | 1 Software Update | 2025-04-12 | 5.0 MEDIUM | 5.9 MEDIUM |
| Apple Software Update before 2.2 on Windows does not use HTTPS, which makes it easier for man-in-the-middle attackers to spoof updates by modifying the client-server data stream. | |||||
| CVE-2014-6964 | 1 Hyonga | 1 Hanyang University Admissions | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Hanyang University Admissions (aka kr.ac.hanyang.planner) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5857 | 1 Avantar | 1 White \& Yellow Pages | 2025-04-12 | 5.4 MEDIUM | N/A |
| The White & Yellow Pages (aka com.avantar.wny) application 5.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7497 | 1 Portfolium Project | 1 Portfolium | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Portfolium (aka com.wPortfolium) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5884 | 1 1und1 | 1 1\&1 Online Storage | 2025-04-12 | 5.4 MEDIUM | N/A |
| The 1&1 Online Storage (aka de.einsundeins.smartdrive) application 5.0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6696 | 1 Candy Girl Party Makeover Project | 1 Candy Girl Party Makeover | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Candy Girl Party Makeover (aka com.bearhugmedia.android_candygirlparty) application 1.0.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7068 | 1 Neumann | 1 Neumann Student Activities | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Neumann Student Activities (aka com.appmakr.app153856) application 216607 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6881 | 1 Pnc | 1 Virtual Wallet By Pnc | 2025-04-12 | 5.4 MEDIUM | N/A |
| The PNC Virtual Wallet (aka com.pnc.ecommerce.mobile.vw.android) application before 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6664 | 1 Latin Angels Music Hd Project | 1 Latin Angels Music Hd | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Latin Angels Music HD (aka com.applizards.lafreetj) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-6550 | 1 Bb\&t | 1 The U | 2025-04-12 | 4.3 MEDIUM | 5.4 MEDIUM |
| The U by BB&T app 1.5.4 and earlier for iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7693 | 1 Jusapp | 1 Jusapp\! | 2025-04-12 | 5.4 MEDIUM | N/A |
| The JusApp! (aka com.tapatalk.jusappcombrforum) application 3.7.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5649 | 1 Ilove | 1 Ilove - Free Dating \& Chat App | 2025-04-12 | 5.4 MEDIUM | N/A |
| The iLove - Free Dating & Chat App (aka com.jestadigital.android.ilove) application 1.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5844 | 1 Alsunna Project | 1 Alsunna | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Alsunna (aka com.wAlsunna) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2012-5662 | 1 Paul Mattes | 1 X3270 | 2025-04-12 | 5.8 MEDIUM | N/A |
| x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||