Total
2448 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7515 | 1 Onesolutionapps | 1 Bail Bonds | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bail Bonds (aka com.onesolutionapps.chadlewisbailbondsandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7333 | 1 Qmania | 1 Aloha Guide | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Aloha Guide (aka com.aloha.guide.japnese) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6950 | 1 Civitasmedia | 1 Mt. Airy News | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Mt. Airy News (aka com.soln.SBE4A803AD6430A6E9DBA5688AA644148) application 1.0069.b0069 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5725 | 1 Truecaller | 1 Truecaller-caller Id \& Block | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Truecaller - Caller ID & Block (aka com.truecaller) application 4.32 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5574 | 1 Ask.fm | 1 Ask.fm-social Q\&a Network | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Ask.fm - Social Q&A Network (aka com.askfm) application 1.2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7558 | 1 Everest Poker Project | 1 Everest Poker | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Everest Poker (aka com.wEverestPoker) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7090 | 1 Vcccd | 1 Myvcccd | 2025-04-12 | 5.4 MEDIUM | N/A |
| The MyVCCCD (aka com.dub.app.ventura) application 1.4.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5867 | 1 Sparkpay | 1 Capital One Spark | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Capital One Spark Pay (aka com.capitalone.sparkpay) application 0.9.81 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7431 | 1 Standardchartered | 1 Breeze Jersey | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Breeze Jersey (aka com.sc.breezeje.banking) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6786 | 1 Tinytap | 1 Math For Kids - Subtraction | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Math for Kids - Subtraction (aka it.tinytap.attsa.deepsub) application 1.2.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6014 | 1 Ingen-studios | 1 Conquest Of Fantasia | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Conquest Of Fantasia (aka air.com.ingen.studios.cof.sg) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5790 | 1 Playscape | 1 Pets Fun House | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Pets Fun House (aka mominis.Generic_Android.Pets_Fun_House) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6829 | 1 Gethook | 1 Hook | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Hook (aka com.hook.android) application 0.9.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6025 | 1 Chartboost | 1 Chartboost Library | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Chartboost library before 2.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6882 | 1 Western | 1 Western Federal Credit Union | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Western Federal Credit Union (aka com.kerrata.pulse.western) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6814 | 1 Sentinels Randomizer Project | 1 Sentinels Randomizer | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Sentinels Randomizer (aka com.mikehipps.sentinelsrandomizer) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7049 | 1 Somcloud | 1 Somtodo - Task\/to-do Widget | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SomTodo - Task/To-do widget (aka com.somcloud.somtodo) application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4887 | 1 Nobexrc | 1 Joint Radio Blues | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Joint Radio Blues (aka com.nobexinc.wls_69685189.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5403 | 1 Hospira | 1 Mednet | 2025-04-12 | 5.0 MEDIUM | N/A |
| Hospira MedNet before 6.1 uses hardcoded cryptographic keys for protection of data transmission from infusion pumps, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2014-5975 | 1 Grabapp | 1 Eponyms | 2025-04-12 | 5.4 MEDIUM | N/A |
| The eponyms (aka com.anddeveloper.eponyms) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||