Total
2448 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6710 | 1 Chifro | 1 Chifro Kids Coloring Game | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Chifro Kids Coloring Game (aka com.chifro.kids_coloring_game) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6960 | 1 Sourcelink | 1 Multitrac | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Multitrac (aka com.multitrac) application 1.04 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0848 | 1 Ibm | 1 Netezza Performance Portal | 2025-04-12 | 3.5 LOW | N/A |
| The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 before 2.0.0.4 have weak SSLCipherSuite values, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. | |||||
| CVE-2014-6714 | 1 Webmd | 1 Webmd | 2025-04-12 | 5.4 MEDIUM | N/A |
| The WebMD (aka com.webmd.android) application 3.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7491 | 1 Ireadercity | 1 Short Stories | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Short Stories (aka com.ireadercity.c48) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5715 | 1 Thegameboss | 1 Street Racing | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Street Racing (aka com.tgb.streetracing.lite5pp) application 4.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6697 | 1 Mobilesoft | 1 Morocco Weather | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Morocco Weather (aka com.mobilesoft.meteomaroc) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6006 | 1 Gratta \& Vinci\? Project | 1 Gratta \& Vinci\? | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Gratta & Vinci? (aka com.dreamstep.wGrattaevinci) application 0.21.13167.93474 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6962 | 1 Publicstuff | 1 Elk Grove Publicstuff | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Elk Grove PublicStuff (aka com.wassabi.elkgrove) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6013 | 1 Nuphoto | 1 Nusquare | 2025-04-12 | 5.4 MEDIUM | N/A |
| The nuSquare (aka tw.com.nuphoto.nusquare) application 1.0.78 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5710 | 1 Flane | 1 Cisco Class Locator Fast Lane | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Cisco Class Locator Fast Lane (aka com.tabletkings.mycompany.fastlane.cisco) application for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5811 | 1 Zoom | 1 Zoom Cloud Meetings | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ZOOM Cloud Meetings (aka us.zoom.videomeetings) application @7F060008 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7705 | 1 Mbtcreations | 1 Atkins Diet Free Shopping List | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Atkins Diet Free Shopping List (aka com.wAtkinsDietFreeShoppingList) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6723 | 1 Comicsplusapp | 1 Comics Plus | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Comics Plus (aka com.iversecomics.comicsplus.android) application 1.06 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5839 | 1 Labanquepostale | 1 Acces Compte | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Acces Compte (aka com.fullsix.android.labanquepostale.accountaccess) application 3.2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6906 | 1 Loli Chocolate Cake Project | 1 Loli Chocolate Cake | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Loli Chocolate Cake (aka com.alison.kang.chocolatecake) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7725 | 1 Iss | 1 Rally Albania Live 2014 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5757 | 1 Awesomeseating | 1 Buy Tickets | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Buy Tickets (aka com.xcr.android.buytickets) application 2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2012-5583 | 1 Apereo | 1 Phpcas | 2025-04-12 | 5.8 MEDIUM | N/A |
| phpCAS before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||
| CVE-2014-5754 | 1 Verizon Instant Refills 24\/7 Project | 1 Verizon Instant Refills 24\/7 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Verizon Instant Refills 24/7 (aka com.wVerizonInstantRefill247) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||