Total
2473 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7772 | 1 Mb Tickets Project | 1 Mb Tickets | 2026-05-06 | 5.4 MEDIUM | N/A |
| The MB Tickets (aka com.xcr.android.mbtickets) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6901 | 1 Nobexrc | 1 Radios Del Ecuador | 2026-05-06 | 5.4 MEDIUM | N/A |
| The RADIOS DEL ECUADOR (aka com.nobexinc.wls_87612622.rc) application 3.2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-1913 | 1 Ibm | 2 Rational Test Virtualization Server, Rational Test Workbench | 2026-05-06 | 5.0 MEDIUM | N/A |
| Rational Test Control Panel in IBM Rational Test Workbench and Rational Test Virtualization Server 8.0.0.x before 8.0.0.5, 8.0.1.x before 8.0.1.6, 8.5.0.x before 8.5.0.4, 8.5.1.x before 8.5.1.5, 8.6.0.x before 8.6.0.4, and 8.7.0.x before 8.7.0.2 uses the MD5 algorithm for password hashing, which makes it easier for remote attackers to bypass authentication via unspecified vectors. | |||||
| CVE-2014-6003 | 1 Belasfrasesdeamor | 1 Belas Frases De Amor | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Belas Frases de Amor (aka com.goodbarber.frasesdeamor) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7342 | 1 Echonewshk | 1 Echo News | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Echo News (aka com.solo.report) 1.10 application (beta) for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6720 | 1 Clearfishing | 1 Pesca De Carpa Lite | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Pesca de Carpa Lite (aka com.clearfishing.pescadecarpa.lite) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5552 | 1 Ilearnwith | 1 Numbers \& Addition\! Math Games | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Numbers & Addition! Math games (aka air.com.tribalnova.ilearnwith.ipad.App2En) application 1.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6823 | 1 Zhtiantian | 1 Kuailecaidengmi | 2026-05-06 | 5.4 MEDIUM | N/A |
| The kuailecaidengmi (aka com.licai.kuailecaidengmi) application 1.7.12.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5761 | 1 Zipcar | 1 Zipcar | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Zipcar (aka com.zc.android) application 3.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6933 | 1 Wavea | 1 Toraware Takojyou | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Toraware Takojyou (aka ltd.pte.wavea.torawaretakojyou) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5171 | 1 Sap | 1 Hana Extended Application Services | 2026-05-06 | 2.9 LOW | N/A |
| SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network. | |||||
| CVE-2014-6868 | 1 Synology | 1 Ds Audio | 2026-05-06 | 5.4 MEDIUM | N/A |
| The DS audio (aka com.synology.DSaudio) application 3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-4379 | 1 Hp | 2 Integrated Lights-out 3, Integrated Lights-out 3 Firmware | 2026-05-06 | 4.3 MEDIUM | 3.7 LOW |
| The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack. | |||||
| CVE-2014-6684 | 1 Mol | 1 Mol Bringapont | 2026-05-06 | 5.4 MEDIUM | N/A |
| The MOL bringaPONT (aka hu.mol.bringapont) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7048 | 1 Bearidlock | 1 Bear Id Lock | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Bear ID Lock (aka com.wBearIDLock) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5628 | 1 Gameloft | 1 Wonder Zoo - Animal Rescue \! | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Wonder Zoo - Animal rescue ! (aka com.gameloft.android.ANMP.GloftZRHM) application 1.6.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6784 | 1 Fermononrespiri | 1 Fermononrespiri Mobile | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Fermononrespiri Mobile (aka com.tapatalk.rmonlineitforums) application 3.8.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6745 | 1 Sosocome | 1 Family Location | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Family Location (aka com.sosocome.family) application 3.4 2014-5-20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7000 | 1 Paulalexanderformayor | 1 Paul Alexander Campaign | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Paul Alexander Campaign (aka hr.apps.n51261427) application 4.5.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7703 | 1 Pocketmags | 1 Terrorizer Magazine | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Terrorizer Magazine (aka com.triactivemedia.terrorizer) application @7F08017A for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||