Total
2464 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7307 | 1 Forosocuellamos | 1 Forosocuellamos | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ForoSocuellamos (aka com.forosocuellamos.tlcttbeukajwpeqreg) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3750 | 1 Bilyoner | 1 Bilyoner | 2025-04-12 | 5.8 MEDIUM | N/A |
| The Bilyoner application before 2.3.1 for Android and before 4.6.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7783 | 1 Billgbennett | 1 Bill G. Bennett | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bill G. Bennett (aka com.billgbennett) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6660 | 1 Blogkamek | 1 Koleksi Hadis Nabi Saw | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Koleksi Hadis Nabi SAW (aka com.wKoleksiHadisNabiSAW) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7456 | 1 Magzter | 1 Digit Magazine | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Digit Magazine (aka com.magzter.digitmagazine) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7696 | 1 Magzter | 1 Halftime Magazine | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Halftime Magazine (aka com.magzter.halftimemagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0897 | 1 Ibm | 1 Flex System Manager | 2025-04-12 | 3.5 LOW | N/A |
| The Configuration Patterns component in IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module (CMM) account creation, which makes it easier for remote authenticated users to defeat cryptographic protection mechanisms via unspecified vectors. | |||||
| CVE-2014-5819 | 1 Mopl | 1 Phone For Google Voice \& Gtalk | 2025-04-12 | 5.4 MEDIUM | N/A |
| The PHONE for Google Voice & GTalk (aka com.moplus.gvphone) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0036 | 1 Amos Benari | 1 Rbovirt | 2025-04-12 | 6.8 MEDIUM | N/A |
| The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors. | |||||
| CVE-2014-3436 | 1 Symantec | 2 Encryption Desktop, Pgp Desktop | 2025-04-12 | 5.0 MEDIUM | N/A |
| Symantec Encryption Desktop 10.3.x before 10.3.2 MP3, and Symantec PGP Desktop 10.0.x through 10.2.x, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted encrypted e-mail message that decompresses to a larger size. | |||||
| CVE-2014-5554 | 1 Ilearnwith | 1 Fun Preschool Creativity Game | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Fun Preschool Creativity Game (aka air.com.tribalnova.ilearnwith.ipad.MotherAppEn) application 1.6.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5809 | 1 Geniuscloud | 1 Smart Browser | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Smart Browser (aka smartbrowser.geniuscloud) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6640 | 1 Dnb | 1 Dnb Trade | 2025-04-12 | 5.4 MEDIUM | N/A |
| The DNB Trade (aka lt.dnb.mobiletrade) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7791 | 1 Appsgeyser | 1 Backyard Wrestling | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Backyard Wrestling (aka com.wBackyardWrestling) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6957 | 1 Boopsie | 1 Scottcolibmn | 2025-04-12 | 5.4 MEDIUM | N/A |
| The scottcolibmn (aka com.bredir.boopsie.scottlib) application 4.5.110 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7606 | 1 Concursive | 1 Concursive | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Concursive (aka com.concursive.app) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6668 | 1 Nana Project | 1 African Radios Live | 2025-04-12 | 5.4 MEDIUM | N/A |
| The African Radios Live (aka com.nana.africanradioslive) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5812 | 1 Viedemerde | 1 Vdm Officiel | 2025-04-12 | 5.4 MEDIUM | N/A |
| The VDM Officiel (aka vdm.activities) application 5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4881 | 1 Partytrack Library Project | 1 Partytrack Library | 2025-04-12 | 5.4 MEDIUM | N/A |
| The PartyTrack library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-4511 | 1 Abb | 1 Pcm600 | 2025-04-12 | 1.9 LOW | 2.8 LOW |
| ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file. | |||||