Total
2458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7466 | 1 Live Tv Browser Project | 1 Live Tv Browser | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Live TV Browser (aka com.wHDSmartBrowser) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7109 | 1 Nesvarnik | 1 Nesvarnik | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Nesvarnik (aka cz.dtest.nesvarnik) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6920 | 1 Canal44 | 1 Canal 44 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Canal 44 (aka com.canal.canal44) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7446 | 1 Bilingual Magic Ball Project | 1 Bilingual Magic Ball | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bilingual Magic Ball (aka com.wBilingualMagicBall) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6919 | 1 Afsinc | 1 Metalcasting Newsstand | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Metalcasting Newsstand (aka air.com.yudu.ReaderAIR3017071) application 3.12.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7646 | 1 Buzztouch | 1 Emt-paramedic Lite | 2025-04-12 | 5.4 MEDIUM | N/A |
| The EMT-Paramedic Lite (aka com.wEMTparamedicLite) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-4763 | 2 Apple, Microsoft | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-12 | 4.9 MEDIUM | 6.8 MEDIUM |
| WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6959 | 1 Haowanlab | 1 Qincard | 2025-04-12 | 5.4 MEDIUM | N/A |
| The QinCard (aka com.haowan.qincard) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6774 | 1 Neorcha | 1 Usek | 2025-04-12 | 5.4 MEDIUM | N/A |
| The USEK (aka com.university.usek) application 1.0.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0296 | 1 Microsoft | 4 Windows 7, Windows 8, Windows 8.1 and 1 more | 2025-04-12 | 5.1 MEDIUM | N/A |
| The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify session content by sending crafted RDP packets, aka "RDP MAC Vulnerability." | |||||
| CVE-2014-7659 | 1 Expeditersonline | 1 Expeditersonline.com Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ExpeditersOnline.com Forum (aka com.quoord.tapatalkeo.activity) application 3.7.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7060 | 1 Yourtango | 1 Your Tango | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Your Tango (aka com.your.tango) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7596 | 1 Paramore Project | 1 Paramore | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Paramore (aka uk.co.pixelkicks.paramore) application 2.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5323 | 1 Yukoyuko | 1 Yuko Yuko | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Yuko Yuko (aka jp.co.yukoyuko.android.yukoyuko_android) application 1.0.5 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7717 | 1 Userfriendlymedia | 1 Mills-hazel Property Mgmt | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Mills-Hazel Property Mgmt (aka com.appexpress.millshazelpropertymanagement) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5794 | 1 Passion4profession | 1 8 Minutes Abs Workout | 2025-04-12 | 5.4 MEDIUM | N/A |
| The 8 Minutes Abs Workout (aka net.p4p.absen) application 2.0.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5874 | 1 Splashid | 1 Splashid | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SplashID (aka com.splashidandroid) application 7.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5871 | 1 Piwik | 1 Piwik Mobile 2 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Piwik Mobile 2 (aka org.piwik.mobile2) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7948 | 1 Google | 1 Chrome | 2025-04-12 | 4.3 MEDIUM | N/A |
| The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcache_update_job.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5 application content via a crafted certificate. | |||||
| CVE-2014-5696 | 1 Sega | 1 Sonic 4 Episode Ii Lite | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Sonic 4 Episode II LITE (aka com.sega.sonic4ep2lite) application 2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||