Total
2450 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6723 | 1 Comicsplusapp | 1 Comics Plus | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Comics Plus (aka com.iversecomics.comicsplus.android) application 1.06 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5839 | 1 Labanquepostale | 1 Acces Compte | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Acces Compte (aka com.fullsix.android.labanquepostale.accountaccess) application 3.2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6906 | 1 Loli Chocolate Cake Project | 1 Loli Chocolate Cake | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Loli Chocolate Cake (aka com.alison.kang.chocolatecake) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7725 | 1 Iss | 1 Rally Albania Live 2014 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5757 | 1 Awesomeseating | 1 Buy Tickets | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Buy Tickets (aka com.xcr.android.buytickets) application 2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2012-5583 | 1 Apereo | 1 Phpcas | 2025-04-12 | 5.8 MEDIUM | N/A |
| phpCAS before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||
| CVE-2014-5754 | 1 Verizon Instant Refills 24\/7 Project | 1 Verizon Instant Refills 24\/7 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Verizon Instant Refills 24/7 (aka com.wVerizonInstantRefill247) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5724 | 1 Pocketmags | 1 Gambling Insider Magazine | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Gambling Insider Magazine (aka com.triactivemedia.gambling) application @7F0801AA for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5996 | 1 Gebrauchtwagenreport | 1 Dekra Used Car Report | 2025-04-12 | 5.4 MEDIUM | N/A |
| The DEKRA Used Car Report (aka com.dekra.maengelreport) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6801 | 1 Frank Matano Project | 1 Frank Matano | 2025-04-12 | 5.4 MEDIUM | N/A |
| The frank matano (aka com.frank.matano) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7416 | 1 Pocketmags | 1 Craft Stamper Magazine | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Craft Stamper Magazine (aka com.triactivemedia.craftstamper) application @7F080183 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7425 | 1 Doodlegod | 1 Doodle Devil Free | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Doodle Devil Free (aka com.joybits.doodledevil_free) application 2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5872 | 1 Safenet-inc | 1 Safenetmobile Pass | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SafeNetMobile Pass (aka securecomputing.devices.android.controller) application 8.3.7.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3604 | 1 Not Yet Commons Ssl Project | 1 Not Yet Commons Ssl | 2025-04-12 | 6.8 MEDIUM | N/A |
| Certificates.java in Not Yet Commons SSL before 0.3.15 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||
| CVE-2014-7041 | 1 Simbiotnetwork | 1 Simgene | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SimGene (aka com.japanbioinformatics.simgene) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5820 | 1 Okcupid | 1 Okcupid Dating | 2025-04-12 | 5.4 MEDIUM | N/A |
| The OkCupid Dating (com.okcupid.okcupid) application 3.4.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6867 | 1 Sortir-en-alsace | 1 Sortir En Alsace | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Sortir en Alsace (aka com.axessweb.sortirenalsace) application 0.5b for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5614 | 1 Etoolkit | 1 Love Collage - Photo Editor | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Love Collage - Photo Editor (aka com.etoolkit.lovecollage) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7517 | 1 Myanmar Movies Hd Project | 1 Myanmar Movies Hd | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Myanmar Movies HD (aka com.wmyanmarmoviesHD) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6820 | 1 Amebra Ameba Project | 1 Amebra Ameba | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Amebra Ameba (aka jp.honeytrap15.amebra) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||