Total
2450 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-7439 | 1 Wolfssl | 1 Wolfssl | 2025-04-12 | 2.1 LOW | 5.5 MEDIUM |
The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. | |||||
CVE-2014-8531 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-12 | 6.5 MEDIUM | N/A |
The TLS/SSL Server in McAfee Network Data Loss Prevention (NDLP) before 9.3 uses weak cipher algorithms, which makes it easier for remote authenticated users to execute arbitrary code via unspecified vectors. | |||||
CVE-2014-5818 | 1 Mobage | 1 Tiny Tower | 2025-04-12 | 5.4 MEDIUM | N/A |
The Tiny Tower (aka com.mobage.ww.a560.tinytower_android) application 1.7.0.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-3570 | 1 Openssl | 1 Openssl | 2025-04-12 | 5.0 MEDIUM | N/A |
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c. | |||||
CVE-2014-6642 | 1 Marksdailyapple | 1 Mark\'s Daily Apple Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
The Mark's Daily Apple Forum (aka com.tapatalk.marksdailyapplecomforum) application 2.4.9.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7518 | 1 Core-apps | 1 Bowl Expo 2014 | 2025-04-12 | 5.4 MEDIUM | N/A |
The Bowl Expo 2014 (aka com.coreapps.android.followme.bowlexpo14) application 6.1.1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-6988 | 1 Lumberapps | 1 Quotes In Images | 2025-04-12 | 5.4 MEDIUM | N/A |
The Quotes in Images (aka pt.lumberapps.imagensfrases) application 3.7.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-6694 | 1 5sos Family Planet Project | 1 5sos Family Planet | 2025-04-12 | 5.4 MEDIUM | N/A |
The 5SOS Family Planet (aka uk.co.pixelkicks.fivesos) application 2.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7334 | 1 Magzter | 1 Where Dallas | 2025-04-12 | 5.4 MEDIUM | N/A |
The Where Dallas (aka com.magzter.wheredallas) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7761 | 1 Sincerely | 1 Ink Cards | 2025-04-12 | 5.4 MEDIUM | N/A |
The Ink Cards (aka com.sincerely.android.ink) application 2.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7779 | 1 Kuran\'in Bilimsel Mucizeleri Project | 1 Kuran\'in Bilimsel Mucizeleri | 2025-04-12 | 5.4 MEDIUM | N/A |
The Kuran'in Bilimsel Mucizeleri (aka com.wKurannBilimselMucizeleri) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2016-10099 | 1 Borg Project | 1 Borg | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives. | |||||
CVE-2014-6851 | 1 Nbcfc | 1 New Beginnings Cfc | 2025-04-12 | 5.4 MEDIUM | N/A |
The New Beginnings CFC (aka com.goodbarber.nbcfc) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-6841 | 1 Rtiindia | 1 Rti India | 2025-04-12 | 5.4 MEDIUM | N/A |
The RTI INDIA (aka com.vbulletin.build_890) application 3.8.21 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5882 | 1 Applica | 1 Homoo Ijiri | 2025-04-12 | 5.4 MEDIUM | N/A |
The Homoo Ijiri (aka jp.co.applica) application 3.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7789 | 1 Zillionmuslims | 1 Zillion Muslims | 2025-04-12 | 5.4 MEDIUM | N/A |
The Zillion Muslims (aka com.zillionmuslims.src) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-6945 | 1 Dakshaa | 1 Neeku Naaku Dash Dash | 2025-04-12 | 5.4 MEDIUM | N/A |
The Neeku Naaku Dash Dash (aka com.dakshaa.nndd) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7330 | 1 Xtendcu | 1 Xtendcu Mobile | 2025-04-12 | 5.4 MEDIUM | N/A |
The XtendCU Mobile (aka com.metova.cuae.xtend) application 1.0.28 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7470 | 1 Jogoeusei | 1 I Know The Movie | 2025-04-12 | 5.4 MEDIUM | N/A |
The I Know the Movie (aka com.guilardi.jesaislefilm2) application jesais_film_android_1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-7327 | 1 Magzter | 1 Macau Business | 2025-04-12 | 5.4 MEDIUM | N/A |
The Macau Business (aka com.magzter.macaubusiness) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |